Resumen
This article focuses on a process control approach to detection of cyber attack. A cyber attack is an attack on a computer and network system, consisting of computer actions such as remote or local connection, computer file access, or program execution with the intent to compromise the secure operation of the computer and network systems. When placing information assurance in the context of process control, attack prevention is analogous to system planning. Attack detection, isolation, assessment, and reaction are aspects of diagnostic control. In this article, a process control approach to system modeling for information assurance is illustrated, which leads to a Cyber Attack Control System. A model-based design of attack-detection techniques is presented to demonstrate how a process model of a computer and network system supports cyber attack detection. The process control approach to cyber attack detection is promising for several reasons. Fundamentally, it provides a conceptual framework to model a computer and network system in which both normal and attack activities occur. As the system is modeled from a process control perspective, well-established techniques in process control can be applied to overcome problems with existing techniques. |