Quantitative Assessment of Cyber Security Risk using Bayesian Network-based model

被引:7
|
作者
Mo, Sheung Yin Kevin [1 ]
Beling, Peter A. [1 ]
Crowther, Kenneth G. [1 ]
机构
[1] Univ Virginia, Charlottesville, VA 22903 USA
来源
2009 IEEE SYSTEMS AND INFORMATION ENGINEERING DESIGN SYMPOSIUM (SIEDS) | 2009年
关键词
D O I
10.1109/SIEDS.2009.5166177
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
This paper proposes a quantitative model for assessing cyber security risk in information security. The model can be used to evaluate the security readiness of firms in the marketplace through qualitative and quantitative tools. We propose a Bayesian network methodology that can be used to generate a cyber security risk score that takes as input a firm's security profile and data breach statistics. The quantitative model enables cyber risk to be captured in a precise and comparable fashion. The objective of the scoring model is to create a common reference in the marketplace that could enhance incentives for firms to invest and improve their security systems. This paper concludes with a demonstration of scoring an intrusion detection network.
引用
收藏
页码:183 / 187
页数:5
相关论文
共 50 条
  • [1] RISK ASSESSMENT OF SUBWAY STATION FIRE BY USING A BAYESIAN NETWORK-BASED SCENARIO EVOLUTION MODEL
    Li, Xuewei
    Yuan, Jingfeng
    Zhang, Limao
    Yang, Dujuan
    [J]. JOURNAL OF CIVIL ENGINEERING AND MANAGEMENT, 2024, 30 (03) : 279 - 294
  • [2] Bayesian Decision Network-Based Security Risk Management Framework
    Masoud Khosravi-Farmad
    Abbas Ghaemi-Bafghi
    [J]. Journal of Network and Systems Management, 2020, 28 : 1794 - 1819
  • [3] A Jackson network-based model for quantitative analysis of network security
    Xiang, ZT
    Chen, YF
    Jian, W
    Yan, F
    [J]. INTELLIGENCE AND SECURITY INFORMATICS, PROCEEDINGS, 2005, 3495 : 517 - 522
  • [4] Improved Bayesian Network-Based Risk Model and Its Application in Disaster Risk Assessment
    Li, Ming
    Hong, Mei
    Zhang, Ren
    [J]. INTERNATIONAL JOURNAL OF DISASTER RISK SCIENCE, 2018, 9 (02) : 237 - 248
  • [5] Improved Bayesian Network-Based Risk Model and Its Application in Disaster Risk Assessment
    Ming Li
    Mei Hong
    Ren Zhang
    [J]. International Journal of Disaster Risk Science, 2018, 9 : 237 - 248
  • [6] Improved Bayesian Network-Based Risk Model and Its Application in Disaster Risk Assessment
    Ming Li
    Mei Hong
    Ren Zhang
    [J]. International Journal of Disaster Risk Science, 2018, 9 (02) : 237 - 248
  • [7] Development of a cyber security risk model using Bayesian networks
    Shin, Jinsoo
    Son, Hanseong
    Ur, Rahman Khalil
    Heo, Gyunyoung
    [J]. RELIABILITY ENGINEERING & SYSTEM SAFETY, 2015, 134 : 208 - 217
  • [8] Bayesian Decision Network-Based Security Risk Management Framework
    Khosravi-Farmad, Masoud
    Ghaemi-Bafghi, Abbas
    [J]. JOURNAL OF NETWORK AND SYSTEMS MANAGEMENT, 2020, 28 (04) : 1794 - 1819
  • [9] A Bayesian Network-Based Integrated for Flood Risk Assessment (InFRA)
    Joo, Hongjun
    Choi, Changhyun
    Kim, Jungwook
    Kim, Deokhwan
    Kim, Soojun
    Kim, Hung Soo
    [J]. SUSTAINABILITY, 2019, 11 (13):
  • [10] Quantitative Risk Assessment of Cyber Physical Power System Using Bayesian Based on Petri Net
    Zhang, Xiaofei
    Zhang, Daoying
    [J]. PROCEEDINGS OF 2018 5TH IEEE INTERNATIONAL CONFERENCE ON CLOUD COMPUTING AND INTELLIGENCE SYSTEMS (CCIS), 2018, : 988 - 992
12345