Protecting Critical Infrastructures from Cyber Attacks Involving Malware

Y Elovici, A Shabtai

Modelling Cyber Security: Approaches, Methodology, Strategies 59, 140, 2009

Protecting Critical Information Infrastructures (CIIs) from attacks originating from the Internet is a long-standing challenge. This article describes the challenges in protecting CIIs from malware and proposes three approaches. The first approach purifies malicious traffic on public NSP/ISP networks in order to minimise the risk that innocent users, unbeknownst to them, will be exploited by perpetrators as launch pads for attacks on CIIs. The second approach focuses on overlay networks established between critical infrastructures (CIs): the communication between CIs is mapped onto the underlying physical networks and the most critical routers (those carrying the largest share of inter-CI traffic) are pinpointed, enabling the cost-effective deployment of malware filtering devices at those routers rather than everywhere. Finally, the third approach focuses on detecting hidden botnets, which often serve as a launch pad for Distributed Denial of Service (DDoS) attacks on CIIs.
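The second approach, mapping the CI-to-CI overlay onto the physical network and choosing the routers where a small number of filters covers the most inter-CI paths, can be illustrated with a short placement exercise. The following is an added example and not the authors' code: it assumes hop-count shortest-path routing between the routers each CI attaches to, and a greedy hitting-set heuristic for picking filter locations (the paper describes the goal, not this particular algorithm). The topology, CI names and attachment points are constructed for the example.

```python
"""Placing malware filters on the routers that carry the most inter-CI
overlay traffic. Illustrative example, not the paper's own method."""
from collections import deque
from itertools import combinations

# Constructed physical topology: undirected router-to-router links.
PHYSICAL_LINKS = [
    ("r1", "r2"), ("r2", "r3"), ("r3", "r4"), ("r2", "r5"),
    ("r5", "r4"), ("r4", "r6"), ("r1", "r7"), ("r7", "r6"),
]

# Constructed attachment of each critical infrastructure site to a router.
CI_ATTACHMENT = {"power": "r1", "water": "r3", "telecom": "r6", "rail": "r4"}


def build_adjacency(links):
    """Undirected adjacency sets from a link list."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def shortest_path(adj, src, dst):
    """BFS path by hop count. Assumption: real IGPs use link weights and may
    load-balance over equal-cost paths; a production mapping would take the
    forwarding tables from the routers instead of recomputing them."""
    prev = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            break
        for nb in sorted(adj.get(node, ())):  # sorted for deterministic tie-breaks
            if nb not in prev:
                prev[nb] = node
                queue.append(nb)
    if dst not in prev:
        return None
    path, node = [], dst
    while node is not None:
        path.append(node)
        node = prev[node]
    return path[::-1]


def map_overlay_to_physical(adj, attachment):
    """Full-mesh CI overlay: map every CI pair to the routers its traffic crosses."""
    overlay_paths = {}
    for a, b in combinations(sorted(attachment), 2):
        path = shortest_path(adj, attachment[a], attachment[b])
        if path is None:
            raise ValueError(f"no physical path between {a} and {b}")
        overlay_paths[(a, b)] = path
    return overlay_paths


def router_criticality(overlay_paths):
    """Number of inter-CI overlay paths that traverse each router."""
    counts = {}
    for path in overlay_paths.values():
        for router in set(path):
            counts[router] = counts.get(router, 0) + 1
    return counts


def greedy_filter_placement(overlay_paths, budget=None):
    """Greedy hitting set: repeatedly pick the router covering the most
    still-unfiltered overlay paths. Returns (chosen routers, uncovered pairs);
    uncovered is non-empty only if the budget runs out first."""
    uncovered = set(overlay_paths)
    candidates = sorted({r for p in overlay_paths.values() for r in p})
    chosen = []
    while uncovered and (budget is None or len(chosen) < budget):
        best, best_cover = None, set()
        for router in candidates:
            cover = {pair for pair in uncovered if router in overlay_paths[pair]}
            if len(cover) > len(best_cover):
                best, best_cover = router, cover
        chosen.append(best)
        uncovered -= best_cover
    return chosen, uncovered


if __name__ == "__main__":
    adj = build_adjacency(PHYSICAL_LINKS)
    paths = map_overlay_to_physical(adj, CI_ATTACHMENT)
    for pair, path in paths.items():
        print(f"{pair[0]:>8} -> {pair[1]:<8} via {' - '.join(path)}")
    print("criticality:", router_criticality(paths))
    print("filters at:", greedy_filter_placement(paths))
```

On this topology the two routers r3 and r6 already sit on every CI-to-CI path, so two filters instead of seven achieve full coverage, which is the cost argument the approach makes. The caveat is that the result is only as trustworthy as the overlay-to-physical mapping: if the real forwarding paths differ from the assumed ones (ECMP, asymmetric routing, a failover), traffic silently bypasses the filters, so the mapping should be rebuilt from actual routing state and re-checked after topology changes.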