MonSys: A Scalable Platform for Monitoring Digital Services Availability, Threat Intelligence and Cyber Resilience Situational Awareness

Today’s digital society implies interconnectivity between the online operations of different sectors of everyday life and the economy alike. As a consequence, malicious activities targeting a single online service could hurt entire industries and multiple private and public organizations. This interdependence between online services and economic units makes it imperative to target efforts at ensuring the integrity and availability of individual systems and complex systems-of-systems alike. This article presents MonSys, a flexible, robust, and scalable monitoring platform, implemented as a cloud-based service and an on-premise solution, specifically designed to address the need for ensuring service availability at an individual level. MonSys provides several standardized service availability checks, such as checks of web-based services from multiple geographical locations, and a flexible platform and tools for defining customized complex services. Particular attention is paid to the processes of metrics collection, processing, storage, and querying. MonSys can perform custom availability checks for different types of infrastructures, such as various black-box, grey-box, and white-box availability checks/metrics. The article also presents results from piloting the platform on performance and scalability, and options for integration in early-warning and intelligent signaling, based on behavioral pattern analysis and predictive simulations.

Article info: Received: 7 July 2020; Revised: 31 Aug 2020; Online: 7 Sep 2020

Keywords: scalability, cyber threat, vulnerability analysis, cyber risk, resilience, early warning, situational awareness

Creative Commons BY-NC 4.0

G. Sharkov et al., ISIJ 46, no. 2 (2020): 155-167
