---

This analysis of the software infrastructure in the financial sector looks at vulnerability to cyber attack and existing protection methods. It then shows how information sharing among financial institutions helps them react more effectively to cyber attacks.

---

The Critical Infrastructure Protection Survey recently released by Symantec found that 53% of interviewed IT security experts from international companies experienced at least ten cyber attacks in the last five years, and financial institutions were often subject to some of the most sophisticated and large-scale cyber attacks and frauds.
The book by Baldoni and Chockler analyzes the structure of software infrastructures found in the financial domain, their vulnerabilities to cyber attacks and the existing protection mechanisms. It then shows the advantages of sharing information among financial players in order to detect and quickly react to cyber attacks. Various aspects associated with information sharing are investigated from the organizational, cultural and legislative perspectives. The presentation is organized in two parts: Part I explores general issues associated with information sharing in the financial sector and is intended to set the stage for the vertical IT middleware solution proposed in Part II. Nonetheless, it is self-contained and details a survey of various types of critical infrastructure along with their vulnerability analysis, which has not yet appeared in a textbook-style publication elsewhere. Part II then presents the CoMiFin middleware for collaborative protection of the financial infrastructure.
The material is presented in an accessible style and does not require specific prerequisites. It appeals to both researchers in the areas of security, distributed systems, and event processing working on new protection mechanisms, and practitioners looking for a state-of-the-art middleware technology to enhance the security of their critical infrastructures in e.g. banking, military, and other highly sensitive applications. The latter group will especially appreciate the concrete usage scenarios included.

---

Part I The Financial Infrastructure.- The Financial Critical Infrastructure and the value of Information Sharing.- Modeling and Risk analysis of Information sharing in the Financial Infrastructure.- Cyber Attacks to Financial Critical Infrastructures.- Part II CoMiFin Collaborative Platform.- CoMiFin Architecture and Semantic Rooms.- Monitoring and Evaluation of Semantic Rooms.- Trust and Privacy.- Collaborative Inter-Domain Stealthy Port Scan Detection Using ESPER Complex Event Processing.- Distributed Attack Detection Using Agilis.- Collaborative attack detection using Distributed Hash Tables.

---