Behavior-Based Incident Detection and Response in Air-Gapped Networks




Abstract:
Closed autonomous systems operate in highly sensitive environments, such as critical infrastructure, defence networks, and specialized research facilities, where isolation and controlled access help minimize exposure to external cyber threats. Despite this separation, internal risks—including insider actions, misconfigurations, and unauthorized operations—remain significant. This paper examines methods for detecting, analysing, and mitigating cyber incidents in such systems, emphasizing early recognition of anomalous behaviour and structured response strategies. Key measures discussed include network segmentation, privileged access controls, multifactor authentication, audit logging, and false-positive reduction. The study highlights how integrating technical safeguards with procedural policies strengthens resilience and enhances overall security in isolated, autonomous networks.

CITATION:

IEEE format

M. Premović, B. Stojanović, M. Veinović, I. Petrović, “Behavior-Based Incident Detection and Response in Air-Gapped Networks,” in Sinteza 2026 - International Scientific Conference on Information Technology, Computer Science, and Data Science, Belgrade, Singidunum University, Serbia, 2026, pp. 178-182. doi:10.15308/Sinteza-2026-178-182

APA format

Premović, M., Stojanović, B., Veinović, M., Petrović, I. (2026). Behavior-Based Incident Detection and Response in Air-Gapped Networks. Paper presented at Sinteza 2026 - International Scientific Conference on Information Technology, Computer Science, and Data Science. doi:10.15308/Sinteza-2026-178-182
