TY - JOUR
T1 - Security-Driven Prioritization for Tactical Mobile Networks
AU - Suomalainen, Jani
AU - Julku, Jukka
AU - Heikkinen, Antti
AU - Rantala, Seppo J.
AU - Yastrebova, Anastasia
N1 - Funding Information:
This work was supported by Business Finland and the consortium partners of the PRIORITY project. This work has been partially supported by Business Finland also through the AI-NET-ANTILLAS project.
PY - 2022/6
Y1 - 2022/6
N2 - Public safety and security authorities utilize tactical mobile networks to enable communications in situations where fixed infrastructure is unavailable. While these rapidly deployable networks rely on open standards, and support emerging applications and cross-organization federation, they are also vulnerable for cyber and insider threats. Active cybersecurity and threat detection solutions must work in isolated tactical bubbles without human interactions and cannot assume connectivity to remote security operations centers. This study explores the concept of a tactical security operations center (T-SOC) and presents an approach to adapting mobile network applications based on security monitoring and analytics. The security-driven prioritization of traffic flows demonstrates, first, a security decision making that is based on traffic analysis and security posture assessment and, second, an intelligent security response to availability threats by dynamically adjusting quality parameters of live video streams. We describe field trialed implementations based on open-source components and measure and analyze trade-offs between edge and cloud-based deployments. We also discuss other potential reaction strategies, such as trust-based routing, and present directions for future research.
AB - Public safety and security authorities utilize tactical mobile networks to enable communications in situations where fixed infrastructure is unavailable. While these rapidly deployable networks rely on open standards, and support emerging applications and cross-organization federation, they are also vulnerable for cyber and insider threats. Active cybersecurity and threat detection solutions must work in isolated tactical bubbles without human interactions and cannot assume connectivity to remote security operations centers. This study explores the concept of a tactical security operations center (T-SOC) and presents an approach to adapting mobile network applications based on security monitoring and analytics. The security-driven prioritization of traffic flows demonstrates, first, a security decision making that is based on traffic analysis and security posture assessment and, second, an intelligent security response to availability threats by dynamically adjusting quality parameters of live video streams. We describe field trialed implementations based on open-source components and measure and analyze trade-offs between edge and cloud-based deployments. We also discuss other potential reaction strategies, such as trust-based routing, and present directions for future research.
KW - Cybersecurity
KW - Security monitoring
KW - Security operations center
KW - Intelligent security
KW - Video adaptation
KW - Dynamic prioritization
KW - Tactical network
KW - Mobile network
UR - http://www.scopus.com/inward/record.url?scp=85130080125&partnerID=8YFLogxK
U2 - 10.1016/j.jisa.2022.103198
DO - 10.1016/j.jisa.2022.103198
M3 - Article
SN - 2214-2134
VL - 67
JO - Journal of Information Security and Applications
JF - Journal of Information Security and Applications
M1 - 103198
ER -