Mobile Agent based Security Monitoring and Analysis for the Electric Power Infrastructure

M.W. David (UK) and K. Sakurai (Japan)

Keywords

Global Security Architectures and Infrastructures, Mobile Agent Security, Network Security, Security Analysis Methodologies

Abstract

This paper proposes a concept designed to support the US Computer Emergency Response Team (US-CERT) and the National Infrastructure Protection Center's (NIPC) Indications, Analysis & Warning (IAW) program. It recommends methodologies and an infrastructure to enhance the reporting of cyber incidents affecting critical network infrastructure (CNI) like electric power. It is not designed to deal with the physical power generation and transmission infrastructure, but with the security and integrity of the information/data networks that help control, monitor and manage it. Our approach is to use distributed mobile agents to integrate security policy, intrusion prevention, intrusion detection and attack/failure analysis activities into a mutually supporting infrastructure. We tentatively call this a Critical Network Infrastructure Analysis Center (CNIAC), and suggest one for the Information Sharing and Analysis Center (ISAC) for the electric power grid, the North American Reliability Council (NERC) and its interface with the regional Independent Systems Operators (ISO) and Regional Transmission Organizations (RTO). We propose that an electric power mobile agent system (EPMAS) be designed to support a secure communications interface, update security policy, collect and audit IDS-related data and provide status reports.
