IT early warning systems - State-of-the-art and promising approaches to increase resilience of critical infrastructures
Modern societies depend heavily on efficient information and communication technology (ICT) infrastructures. Due to the interdependencies between critical infrastructures and the underlying ICT, malfunctions in ICT can cause cascading effects that seriously damage public life. At the same time, the evolution of malware is proceeding rapidly, so the time between the detection of vulnerabilities and the reaction to them is shrinking. Response handling is still done by humans, who cannot keep up with the high processing rate of (attacking) computer-based systems. Hence, the need for automated response, including early warnings of emerging trends and hazards, is increasing. This paper describes the need for IT early warning systems and provides an overview of general concepts and efforts regarding IT early warning. In this context, four approaches are discussed in detail: Internet Worm Early Warning System, CarmentiS, Internet Analysis System and Agent based Early Warning System. Based on a close look at these four approaches, future challenges for research and development are proposed.