Attack Graph Modeling for Implantable Pacemaker

Ibrahim, Mariam; Alsheikh, Ahmad; Matar, Aseel

doi:10.3390/bios10020014

Cited by 14 publications

(10 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Shen et al (2020) designed remote monitoring and auditing cloud platform. Ibrahim et al (2020) provided IoT devices security control methods for remote health monitoring and auditing. Also, Aydarov et al (2019) presented the results of the development and implementation of the remote monitoring system for audit and quality assessment of car‐service industry.…”

Section: Methodsmentioning

confidence: 99%

Process modeling paradigm change

Pańkowska

2023

Knowl Process Manag

View full text Add to dashboard Cite

Business process modeling and implementation has taken researchers' attention for almost 30 years, since Hammer and Champy published in 1992 their book on business process reengineering. Process management proponents mostly focused on the system approach and workflow modeling. In this paper, we would like to emphasize the issues of business process paradigm development. This paper's aim is to confront workflow modeling with case management. These two approaches have different purposes, although, through their application, the process paradigm change is presented. This study methodology covers the literature survey (LS) and case study. The LS on the application of Case Management Model Notation (CMMN) is included to answer the question for what purposes CMMN is applied. The empirical part covers a case study on remote audit (e-audit) process modeling. Further, a discussion on the strengths and weaknesses of e-audit process is included. Final conclusions concern the transformability of process modeling methodologies. This paper contributes to process management theory with explanations of how and why specific e-audit processes are developed and how they expand process managers' practices. The e-audit activities are included in step-by-step processes as well as in the case management model to improve knowledge sharing and practice improvement. | INTRODUCTIONBusiness processes are considered as core assets of many social entities, which focus on process identification, management, controlling, and governance. The processes should respond to the market demand and change according to the requirements of their various actors and to build and maintain the business competitive advantage. Kahloun and Ayachi-Ghannouchi (2020) argue that business process modeling is to support communication among business stakeholders. Modeling the processes for management means establishing their regulatory power and their value for the business. Business process management (BPM) consists of several phases, such as process conceptualization, design, implementation, application, evaluation, and referencing (Reif et al., 2019). By modeling a cyclical sequence of business processes, analysts integrate functionalist and social perspectives on BPM. This paper is organized as follows. Section 1 covers the introduction to process paradigm discussion and an analysis of ISO standards on process modeling. This section also includes the presentation of process modeling concepts and notations. In Section 2, the Literature Survey (LS) on Case Management Model and Notation (CMMN) is located.Section 2 includes also a LS on remote audits and presentation of remote audit case study. The e-audit guidelines are discussed, and its activities are modeled in CMMN and in Business Process Model and Notation (BPMN) in Section 3. This section evaluates the feasibility and potential gain of this approach by discussing how this approach and Camunda tool can be applied to model the internal audit processes realized in a virtual environment. In Section 4, there are resu...

show abstract

Section: Methodsmentioning

confidence: 99%

Process modeling paradigm change

Pańkowska

2023

Knowl Process Manag

View full text Add to dashboard Cite

show abstract

“…Approaches based on graphs represent a common solution in security assessment research (see, e.g., [6], [12], [23]- [40]). Many papers customize these approaches to the specific technologies, such as smart grids [6], medical devices [29], smart infrastructures [30], web technologies [31], cloud environments [40].…”

Section: B Graph-based Approachesmentioning

confidence: 99%

A Methodological Framework for AI-Assisted Security Assessments of Active Directory Environments

Nebbione

Calzarossa

2023

IEEE Access

View full text Add to dashboard Cite

The pervasiveness of complex technological infrastructures and services coupled with the continuously evolving threat landscape poses new sophisticated security risks. These risks are mostly associated with many diverse vulnerabilities related to software or hardware security flaws, misconfigurations and operational weaknesses. In this scenario, a timely assessment and mitigation of the security risks affecting technological environments are of paramount importance. To cope with these compelling issues, we propose an AI-assisted methodological framework aimed at evaluating whether the target environment is vulnerable or safe. The framework is based on the combined application of graph-based and machine learning techniques. More precisely, the components of the target together with their vulnerabilities are represented by graphs whose analysis identifies the attack paths associated with potential security threats. Machine learning techniques classify these paths and provide the security assessment of the target. The experimental evaluation of the proposed framework was performed on 220 artificially generated Active Directory environments, half of which injected with vulnerabilities. The results of the classification process were generally good. For example, the F1-score obtained by the Random Forest classifier for the assessment of vulnerable networks was equal to 0.91. These results suggest that our approach could be applied for automating the security assessment procedures of complex networked environments.

show abstract

“…However, no thorough study has addressed IoT vulnerabilities and their evaluation using attack graphs. Although some papers capture both attack graphs and IoT [3], [34], they either do not cover certain topics, such as the parameters of the IoT network used to develop the attack graph [8], [17], [35], [48], [52], [54], [57], [68], [69] and the methods and tools used for visualizing the model, framework, or application [6], [16], [27], [30], [37], [39], [40], [62], or are no longer fully relevant due to the rapidly evolving domain. This survey paper is needed because IoT systems are becoming increasingly complex and pervasive in our daily lives, making it crucial to ensure their security.…”

Section: Introductionmentioning

confidence: 99%

A Review on Attack Graph Analysis for IoT Vulnerability Assessment: Challenges, Open Issues, and Future Directions

et al. 2023

View full text Add to dashboard Cite

Vulnerability assessment in industrial IoT networks is critical due to the evolving nature of the domain and the increasing complexity of security threats. This study aims to address the existing gaps in the literature by conducting a comprehensive survey on the use of attack graphs for vulnerability assessment in IoT networks. Attack graphs serve as a valuable cybersecurity tool for modeling and analyzing potential attack scenarios on systems, networks, or applications. The survey covers the research conducted between 2016 and 2021(34 peer-reviewed journal articles and 28 conference papers), identifying and categorizing the main methodologies and technologies employed in generating and analyzing attack graphs. In this review, core modeling techniques for IoT vulnerability assessment are highlighted, such as Markov Decision Processes (MDP), Feature Pyramid Networks (FPN), K-means clustering, and logistic regression models, along with other techniques involving genetic algorithms like fast-forward (FF), contingent fast-forwards (CFF), advanced reinforcement-learning algorithms, and HARMs models. The evaluation of the performance of these attack graph models using IoT networks or devices as case studies is also emphasized. This survey provides valuable insights into the state-of-the-art attack graph techniques for IoT network vulnerability assessment, identifying various applications, performances, research opportunities, and challenges. As a reference source, it serves to inform academicians and practitioners interested in leveraging attack graphs for IoT network vulnerability assessment and guides future research directions in this area.INDEX TERMS Attack graph, the Internet of Things, network vulnerabilities, vulnerability assessment.

show abstract

Attack Graph Modeling for Implantable Pacemaker

Cited by 14 publications

References 28 publications

Process modeling paradigm change

Process modeling paradigm change

A Methodological Framework for AI-Assisted Security Assessments of Active Directory Environments

A Review on Attack Graph Analysis for IoT Vulnerability Assessment: Challenges, Open Issues, and Future Directions

Contact Info

Product

Resources

About