Cyber Security Analytics: A Stochastic Model for Security Quantification Using Absorbing Markov Chains

Abraham, Subil; Nair, Suku

doi:10.12720/jcm.9.12.899-907

Cited by 49 publications

(38 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A Markov chain is regarded as one of the best modeling techniques that has been used effectively in various fields such as reliability analysis [14], performance analysis, dependability analysis [15] [16], and cybersecurity analysis [17], among others. We will model the host access attack graph described in the previous subsection using a Markov chain with the real behavior of the attacker in conjunction with the Markovian properties.…”

Section: Markov Chainmentioning

confidence: 99%

Cybersecurity: A Stochastic Predictive Model to Determine Overall Network Security Risk Using Markovian Process

Pokhrel¹,

Tsokos²

2017

JIS

View full text Add to dashboard Cite

There are several security metrics developed to protect the computer networks. In general, common security metrics focus on qualitative and subjective aspects of networks lacking formal statistical models. In the present study, we propose a stochastic model to quantify the risk associated with the overall network using Markovian process in conjunction with Common Vulnerability Scoring System (CVSS) framework. The model we developed uses host access graph to represent the network environment. Utilizing the developed model, one can filter the large amount of information available by making a priority list of vulnerable nodes existing in the network. Once a priority list is prepared, network administrators can make software patch decisions. Gaining in depth understanding of the risk and priority level of each host helps individuals to implement decisions like deployment of security products and to design network topologies.

show abstract

Section: Markov Chainmentioning

confidence: 99%

Cybersecurity: A Stochastic Predictive Model to Determine Overall Network Security Risk Using Markovian Process

Pokhrel¹,

Tsokos²

2017

JIS

View full text Add to dashboard Cite

show abstract

“…Then the procedure of detection of the object ) ,..., During the study, the results of which are described in the work (Khan, Awad, & Thuraisingham, 2007) (Al-Jarrah, 2014) (Abraham & Nair, 2014), it was justified that the most Petrenko T. Adaptive system for detection of cyber-attacks Published: Janury 2017 MESTE │81…”

Section: The Model Of Logical Procedures Of Detection Of Anomalies Anmentioning

confidence: 99%

Design of Adaptive System for Detection of Cyber-Attacks

Петренко¹,

Čekerevac²

2017

MEST Journal

View full text Add to dashboard Cite

This paper is devoted to the improvement of the mathematical support for the intelligent detection models of cyber threats. The results of the research present the further development of detection models of cyber threats, as well as of common classes of cyber-attacks in mission critical information systems (MCIS). There was the model of detection of cyber-attacks to MCIS designed, which is based on

show abstract

“…In [34,35], the authors established the cyber-security analytics framework where we have captured all the processes involved in building our security metric framework. In [36,37] the extended the model to factor in the age of the vulnerabilities that are part of the generated Attack Tree.…”

Section: Predictive Cyber Security Frameworkmentioning

confidence: 99%

“…For example, in our approach, we utilize an Absorbing Markov chain for performing exploitability analysis. In [34,35] we discussed how we can model an attack-graph as a discrete time absorbing Markov chain where the absorbing state represents the security goal being compromised.…”

Section: Predictive Cyber Security Frameworkmentioning

confidence: 99%

Exploitability analysis using predictive cybersecurity framework

Abraham¹,

Nair²

2015

2015 IEEE 2nd International Conference on Cybernetics (CYBCONF)

Self Cite

View full text Add to dashboard Cite

Managing Security is a complex process and existing research in the field of cybersecurity metrics provide limited insight into understanding the impact attacks have on the overall security goals of an enterprise. We need a new generation of metrics that can enable enterprises to react even faster in order to properly protect mission-critical systems in the midst of both undiscovered and disclosed vulnerabilities. In this paper, we propose a practical and predictive security model for exploitability analysis in a networking environment using stochastic modeling. Our model is built upon the trusted CVSS Exploitability framework and we analyze how the atomic attributes namely Access Complexity, Access Vector and Authentication that make up the exploitability score evolve over a specific time period. We formally define a nonhomogeneous Markov model which incorporates time dependent covariates, namely the vulnerability age and the vulnerability discovery rate. The daily transitionprobability matrices in our study are estimated using a combination of Frei's model & Alhazmi Malaiya's Logistic model. An exploitability analysis is conducted to show the feasibility and effectiveness of our proposed approach. Our approach enables enterprises to apply analytics using a predictive cyber security model to improve decision making and reduce risk.

show abstract

Cyber Security Analytics: A Stochastic Model for Security Quantification Using Absorbing Markov Chains

Cited by 49 publications

References 13 publications

Cybersecurity: A Stochastic Predictive Model to Determine Overall Network Security Risk Using Markovian Process

Cybersecurity: A Stochastic Predictive Model to Determine Overall Network Security Risk Using Markovian Process

Design of Adaptive System for Detection of Cyber-Attacks

Exploitability analysis using predictive cybersecurity framework

Contact Info

Product

Resources

About