Adaptive and Intelligent Data Collection and Analytics for Securing Critical Financial Infrastructure

This chapter presents the FINSEC adaptive and intelligent data collection and ana- lytics system for securing critical financial infrastructure. It enhances the intelli- gent, resilient, automated, efficient, secure, and timely manner the collection and analysis of security-related data for securing cyber-physical financial infrastructure and services. Making security data collection and analysis intelligent and capable of quickly spotting, learning from, and addressing zero-day threats is essential to economizing of resources and accessing the right information at the right time. This is achieved through the configuration of configurable collection probes and the adaptation of different collection strategies. The chapter further addresses how, inter alia, (i) the nature and quality of collected data affects the efficiency and accu- racy of methods of attack detection and defense, (ii) the detection capability can be improved by correlating wide-ranging data sources and predictive analytics, (iii) the rate of the data collection at the various monitoring probes is tuned by manag- ing the appropriate levels and types of intelligence and adaptability of security monitoring, (iv) the optimization of bandwidth and storage of security informa- tion can be achieved by rendering adaptiveness and intelligence and by integrating smart security probes and a set of adaptive strategies and rules, and (v) the increased automation is achieved through a feedback loop of collection, detection, and pre- vention that allows the early detection and prevention of security compromises and consistently makes security analysis more effective.