Bayesian Decision Network-Based Security Risk Management Framework

Cited by: 25
Authors
Khosravi-Farmad, Masoud [1]
Ghaemi-Bafghi, Abbas [1]
Affiliation
[1] Ferdowsi Univ Mashhad, Dept Comp Engn, Data & Commun Secur Lab, Mashhad, Razavi Khorasan, Iran
Keywords
Risk assessment; Risk mitigation; Risk management framework; Cost-benefit analysis; Decision making; Bayesian decision network; ATTACK GRAPH;
DOI
10.1007/s10922-020-09558-5
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
Network security risk management is comprised of several essential processes, namely risk assessment, risk mitigation and risk validation and monitoring, which should be done accurately to maintain the overall security level of a network at an acceptable level. In this paper, an integrated framework for network security risk management is presented which is based on a probabilistic graphical model called Bayesian decision network (BDN). Using BDN, we model the information needed for managing security risks, such as information about vulnerabilities, risk-reducing countermeasures and the effects of implementing them on vulnerabilities, with the minimum need for expert's knowledge. In order to increase the accuracy of the proposed risk assessment process, vulnerabilities exploitation probability and impact of vulnerabilities exploitation on network assets are calculated using inherent, temporal and environmental factors. In the risk mitigation process, a cost-benefit analysis is efficiently done using modified Bayesian inference algorithms even in case of budget limitation. The experimental results show that network security level enhances significantly due to precise assessment and appropriate mitigation of risks.
Pages: 1794 - 1819
Page count: 26
Related papers
50 in total
  • [21] HierCDF: A Bayesian Network-based Hierarchical Cognitive Diagnosis Framework
    Li, Jiatong
    Wang, Fei
    Liu, Qi
    Zhu, Mengxiao
    Huang, Wei
    Huang, Zhenya
    Chen, Enhong
    Su, Yu
    Wang, Shijin
    [J]. PROCEEDINGS OF THE 28TH ACM SIGKDD CONFERENCE ON KNOWLEDGE DISCOVERY AND DATA MINING, KDD 2022, 2022, : 904 - 913
  • [22] Navigating uncertainty: A dynamic Bayesian network-based risk assessment framework for maritime trade routes
    Fan, Hanwen
    Jia, Haiying
    He, Xuzhuo
    Lyu, Jing
    [J]. RELIABILITY ENGINEERING & SYSTEM SAFETY, 2024, 250
  • [23] Bayesian network-based security decision-making method for the full-ocean-depth "Wukong" AUV
    Wang, Yujia
    Wang, Yu
    Zhang, Tianchi
    Yao, Feng
    [J]. PROCEEDINGS OF THE INSTITUTION OF MECHANICAL ENGINEERS PART M-JOURNAL OF ENGINEERING FOR THE MARITIME ENVIRONMENT, 2023, 237 (01) : 206 - 214
  • [24] A Software Defined Network-Based Security Assessment Framework for CloudIoT
    Han, Zhuobing
    Li, Xiaohong
    Huang, Keman
    Feng, Zhiyong
    [J]. IEEE INTERNET OF THINGS JOURNAL, 2018, 5 (03) : 1424 - 1434
  • [25] An Empirical Risk Management Framework for Monitoring Network Security
    Awan, Malik Shahzad Kaleem
    Burnap, Pete
    Rana, Omer
    [J]. CIT/IUCC/DASC/PICOM 2015 IEEE INTERNATIONAL CONFERENCE ON COMPUTER AND INFORMATION TECHNOLOGY - UBIQUITOUS COMPUTING AND COMMUNICATIONS - DEPENDABLE, AUTONOMIC AND SECURE COMPUTING - PERVASIVE INTELLIGENCE AND COMPUTING, 2015, : 1765 - 1772
  • [26] A Bayesian Network-Based Integrated for Flood Risk Assessment (InFRA)
    Joo, Hongjun
    Choi, Changhyun
    Kim, Jungwook
    Kim, Deokhwan
    Kim, Soojun
    Kim, Hung Soo
    [J]. SUSTAINABILITY, 2019, 11 (13):
  • [27] The Emergency Response Management Based on Bayesian Decision Network
    Qiu, Jiannan
    Gu, Wenjing
    Kong, Qian
    Zhong, Qiuyan
    Hu, Jilei
    [J]. PROCEEDINGS OF 2016 IEEE SYMPOSIUM SERIES ON COMPUTATIONAL INTELLIGENCE (SSCI), 2016,
  • [28] Complexity-based risk decision framework for cost overrun using fuzzy Bayesian network
    Afzal, Farman
    Afzal, Fahim
    Junaid, Danish
    Shah, Imran Ahmed
    Yunfei, Shao
    [J]. SOFT COMPUTING, 2023, 27 (10) : 6187 - 6203
  • [29] Complexity-based risk decision framework for cost overrun using fuzzy Bayesian network
    Farman Afzal
    Fahim Afzal
    Danish Junaid
    Imran Ahmed Shah
    Shao Yunfei
    [J]. Soft Computing, 2023, 27 : 6187 - 6203
  • [30] Risk Prediction for Imbalanced Data in Cyber Security : A Siamese Network-based Deep Learning Classification Framework
    Sun, Degang
    Wu, Zhengrong
    Wang, Yan
    Lv, Qiujian
    Hu, Bo
    [J]. 2019 INTERNATIONAL JOINT CONFERENCE ON NEURAL NETWORKS (IJCNN), 2019,