Towards the Protection of Critical Information Infrastructures using a Lightweight, Non-intrusive Embedded System

Critical Infrastructures (CIs), such as those that are found in the energy, financial, transport, communications, water, health and national security sectors, are an essential pillar to the well-being of the national and international economy, security and quality of life. These infrastructures are dependent on a wide variety of highly interconnected information systems for their smooth, reliable and continuous operation. Cybercrime has become a major threat for such Critical Information Infrastructures (CIIs). To mitigate this phenomenon, several techniques have been proposed within the space of Intrusion Detection Systems (IDSs). IDS is an important and necessary component in ensuring network security and protecting network resources and network infrastructures. In this paper, we propose a lightweight, non-intrusive generic embedded system that aids in the protection of CIIs. The operation of the proposed system is based on state of the art IDS and other open source frameworks for the monitoring and supporting services and aims to fulfill the end-user’s requirements. The generic and non-intrusive nature of the system along with the low configuration effort allows rapid deployment to a wide range of CII nodes such as telecommunication routers and smart grid nodes, as well as for single endpoint protection.