Go home now Header Background Image
Search
Submission Procedure
share: |
Special Issues
Submission Procedure
Aims and Scope
Board of Editors
What's New
 
Follow us
 
Articles by Topics
Articles by Author
Geographical Mashup
List of Topics
 
Printed Publications
 
Volume 26 (2020)
Volume 25 (2019)
Volume 24 (2018)
Issue 1
Issue 2
Issue 3
Issue 4
Issue 5
Issue 6
Issue 7
Issue 8
Issue 9
Issue 10
Issue 11
Issue 12
Volume 23 (2017)
Volume 22 (2016)
Volume 21 (2015)
Volume 20 (2014)
Volume 19 (2013)
Volume 18 (2012)
Volume 17 (2011)
Volume 16 (2010)
Volume 15 (2009)
Volume 14 (2008)
Volume 13 (2007)
Volume 12 (2006)
Volume 11 (2005)
Volume 10 (2004)
Volume 9 (2003)
Volume 8 (2002)
Volume 7 (2001)
Volume 6 (2000)
Volume 5 (1999)
Volume 4 (1998)
Volume 3 (1997)
Volume 2 (1996)
Volume 1 (1995)
Volume 0 (1994)
 
Collection of other papers
Volume 24 / Issue 5

available in:   PDF (72 kB) PS (119 kB)
 
get:  
Similar Docs BibTeX   Write a comment
  
get:  
Links into Future

Technical and Social Aspects of Critical Infrastructure Security

J.UCS Special Issue

Jörg Keller
(Faculty of Mathematics and Computer Science, FernUniversität in Hagen, Germany
joerg.keller@fernuni-hagen.de)

Igor Bernik
(Faculty of Criminal Justice and Security, University of Maribor, Slovenia
igor.bernik@fvv.uni-mb.si)

Wojciech Mazurczyk
(Faculty of Electronics and Information Technology
Warsaw University of Technology, Poland
wmazurcz@elka.pw.edu.pl)

Critical infrastructure comprises various sensitive information which represent tremendous values. Their compromise could affect critical infrastructure and the results could potentially be catastrophic for people and the environment. Therefore, critical infrastructure systems need to be protected from cyber attacks. In recent years, cyber attackers have proven that they are becoming more motivated, they have various intentions, capabilities, knowledge, funding and tactics. Do we really know what are cyber attackers looking for, what types of information could be considered sensitive, their responsible personnel and how do we protect them?

Critical infrastructure has several sectors whose assets, systems, physical and virtual networks are considered so vital to a country that their destruction or incapacitation would have a debilitating effect on security, economic security, public health or any combination thereof. Critical infrastructure includes the communications sector, the chemical sector, the commercial facilities sector, the critical manufacturing sector, the defense industrial base sector, the emergency services sector, energy sector, the financial services sector, the food and agriculture sector, the government facilities sector, the healthcare sector, the information technology sector, the transportation systems sector, the water and wastewater systems sector, and the nuclear reactors, materials and waste sector.

Today, all critical infrastructure sectors rely heavily on IT for operations. The critical infrastructure security however remains a major challenge. As shown by the latest global ransomware attacks, both social and technical shortcomings play important roles in achieving adequate levels of critical infrastructure (in)security. For example, targeted attacks exploiting social shortcomings may be used to first penetrate into a critical infrastructure system, and then spread like wildfire by exploiting its technical shortcomings.

Page 554

The special issue targets security of all types of critical infrastructure, and addresses both social and technical aspects of ensuring critical infrastructure security. The call for papers for this special issue was distributed over relevant mailing lists, call-for-paper distribution websites, personal and university websites, and on the homepage of the journal. In addition to submissions of new articles, extended versions of accepted papers from the Central European Cybersecurity Conference - CECC 2017 have been invited for submission under the condition of providing at least 50% new content. The submissions were peer-reviewed by experts in the domain.

Based on the reviews and our own judgment, six articles were selected for publication in this special issue, that represent the breadth of the field. Ralf Kreidel, Steffen Wendzel, Sebastian Zilien, Eric S. Conner and Georg Haas present a testbed for the evaluation of algorithms to detect covert channels in networks, which aims to support experimental work in this field. S. Prabavathy, K. Sundarakantham and S. Mercy Shalinie investigate a security system that targets the use of Internet-of-Things (IoT) sensors in critical infrastructure, and hence uses fog computing instead of a centralized solution to detect attacks. Loganathan Yamuna Devi and Kaliannan Thilagavathy present and analyze a privacy-preserving protocol to check integrity of critical infrastructure data that have been outsourced into a cloud. Barbara Bobowska, Michał Choraś and Michał Woźniak analyze data streams to prevent critical infrastructure from attacks on the application layer. Simon Vrhovec and Blaž Markelj investigate how information of hospital employees on the consequences of data breaches and information security conformance influences the use of mobile devices to access medical data in hospitals. Anže Mihelič and Simon Vrhovec discuss a controversial topic: are offensive measures, i.e. attacking the attacker, adequate to fight an attack on a critical infrastructure?

We would like to express our thankfulness to Christian Gütl (Managing Editor) and Dana Kaiser (Head of Editorial Team) for permitting us to organize this special issue under the umbrella of the Journal of Universal Computer Science. We also like to thank all reviewers who facilitated the review process, namely Miroslav Bacča, Igor Bernik, Krzysztof Cabaj, Luca Caviglione, Michał Choraś, Tobias Eggendorfer, Bela Genge, Christian Hummert, Jörg Keller, Maciej Korczynski, Jean-Francois Lalande, Olaf Maennel, Jorge T. Martins, Blaž Markelj, Wojciech Mazurczyk, Roman Messmer, Kai Simon, Mark Strembeck, Simon Vrhovec, Damian Weber, Steffen Wendzel, and Dirk Westhoff. Last but not least, we like to thank all authors for submitting their work to this special issue.

Page 555