Publication details
- Part of: Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures (Now Publishers Inc., 2020)
- Pages: 104–142
- Year: 2020

This chapter presents the FINSEC adaptive and intelligent data collection and analytics system for securing critical financial infrastructure. The system makes the collection and analysis of security-related data for securing cyber-physical financial infrastructure and services more intelligent, resilient, automated, efficient, secure, and timely. Making security data collection and analysis intelligent and capable of quickly spotting, learning from, and addressing zero-day threats is essential to economizing resources and accessing the right information at the right time. This is achieved through the configuration of collection probes and the adaptation of different collection strategies. The chapter further addresses how, inter alia, (i) the nature and quality of collected data affect the efficiency and accuracy of attack detection and defense methods, (ii) detection capability can be improved by correlating wide-ranging data sources and predictive analytics, (iii) the rate of data collection at the various monitoring probes is tuned by managing the appropriate levels and types of intelligence and adaptability of security monitoring, (iv) bandwidth and storage of security information can be optimized by rendering adaptiveness and intelligence and by integrating smart security probes and a set of adaptive strategies and rules, and (v) increased automation is achieved through a feedback loop of collection, detection, and prevention that allows the early detection and prevention of security compromises and consistently makes security analysis more effective.