Cybersecurity Risk Assessment Based on Cognitive Attack Vector Modeling with CVSS Score

Vasilyev, Vladimir; Kirillova, Anastasia; Vulfin, Alexey; Nikonov, Andrey

doi:10.1109/itnt52450.2021.9649191

Cited by 7 publications

(5 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since we cannot determine the attack graph storage strategy and search strategy of refs. [35,36], we can not check their time/space consumption.…”

Section: Experiments Results Analysismentioning

confidence: 99%

“…Finally, in order to verify the accuracy of the collection results of key vulnerability nodes in the proposed method, this experiment compares the results of this paper with the search results of [35][36][37], respectively. The search results of key vulnerable nodes, the reachability of target nodes, and the changes in the number of attack paths after repairing the four methods are shown in Table 6.…”

Section: Experiments Results Analysismentioning

confidence: 99%

“…The search results of key vulnerable nodes, the reachability of target nodes, and the changes in the number of attack paths after repairing the four methods are shown in Table 6. Reference [35] only considers the CVSS score threat characteristics of vulnerabilities and takes the node with the highest score as the key vulnerable node. The attack probability of the attack path of nodes 32, 37, and 30 is only 3.1615 × 10 −9 .…”

Section: Experiments Results Analysismentioning

confidence: 99%

See 2 more Smart Citations

Key Vulnerable Nodes Discovery Based on Bayesian Attack Subgraphs and Improved Fuzzy C-Means Clustering

Xu,

Liu,

Sun

et al. 2024

Mathematics

View full text Add to dashboard Cite

Aiming at the problem that the search efficiency of key vulnerable nodes in large-scale networks is not high and the consideration factors are not comprehensive enough, in order to improve the time and space efficiency of search and the accuracy of results, a key vulnerable node discovery method based on Bayesian attack subgraphs and improved fuzzy C-means clustering is proposed. Firstly, the attack graph is divided into Bayesian attack subgraphs, and the analysis results of the complete attack graph are quickly obtained by aggregating the information of the attack path analysis in the subgraph to improve the time and space efficiency. Then, the actual threat features of the vulnerability nodes are extracted from the analysis results, and the threat features of the vulnerability itself in the common vulnerability scoring standard are considered to form the clustering features together. Next, the optimal number of clusters is adaptively adjusted according to the variance idea, and fuzzy clustering is performed based on the extracted clustering features. Finally, the key vulnerable nodes are determined by setting the feature priority. Experiments show that the proposed method can optimize the time and space efficiency of analysis, and the fuzzy clustering considering multiple features can improve the accuracy of analysis results.

show abstract

“…Since we cannot determine the attack graph storage strategy and search strategy of refs. [35,36], we can not check their time/space consumption.…”

Section: Experiments Results Analysismentioning

confidence: 99%

Section: Experiments Results Analysismentioning

confidence: 99%

Section: Experiments Results Analysismentioning

confidence: 99%

See 1 more Smart Citation

Key Vulnerable Nodes Discovery Based on Bayesian Attack Subgraphs and Improved Fuzzy C-Means Clustering

Xu,

Liu,

Sun

et al. 2024

Mathematics

View full text Add to dashboard Cite

show abstract

“…On the other hand, Vasilyev et al [24] use CVSS metrics by putting the corresponding assets they have captured within a cyberattack vector model for speci ic systems. We note that they do not extract the score (via variables) as in our case, and they just simply use it.…”

Section: Network Mapping/scanning Methodologiesmentioning

confidence: 99%

A framework for automating environmental vulnerability analysis of network services

Dimitris Koutras,

Panayiotis Kotzanikolaou,

Evangelos Paklatzis

et al. 2024

ITU J-FET

View full text Add to dashboard Cite

The primary objective of this paper is to introduce a comprehensive framework designed to automate the assessment of environmental vulnerability status of communication protocols and networked services, within operational contexts. The proposed algorithm leverages the Common Vulnerability Scoring System version 3 (CVSS 3) metrics in conjunction with network security data. The initial step involves the establishment of a network security ontology, which serves to model the environmental attributes associated with the current security posture of communication protocol channels available within an infrastructure. The process commences with the identification and enumeration of all active communication services through a combination of diverse information gathering tools. Subsequently, active network services undergo assessment using a blend of passive scanning and active security analysis tools, which produce the environmental security score. This score can be integrated into vulnerability scoring systems such as CVSS, facilitating the fine-tuning of base CVSS scores, as well as vulnerability mitigation in real-world environments. To validate the proposed framework, we conducted testing across various networks and communication protocols within a controlled environment, thereby offering tangible illustrations for widely-utilized communication protocols.

show abstract

“…Vasilyev et al, in [13] has proposed an automated modelling of a set of prospective incidents enables information extraction regarding infrastructure flaws, the most dangerous vulnerabilities, and potential flaws in system components. It also enables identification of the most effective attack scenarios and evaluation of the enterprise impact of those scenarios.…”

Section: Related Workmentioning

confidence: 99%

Security and Safety in Cyber-Physical System (CPS): An Inclusive Threat Model

Mardiana Mohamad Noor,

Ali Selamat,

Nurulakmar Abu Husain

et al. 2024

ARASET

View full text Add to dashboard Cite

A Cyber-Physical System (CPS) is a combination of computational algorithms and physical processes that are integrated together. Cyber-Physical Systems (CPS) integrate computer and communication capabilities with the monitoring and management of physical parts, establishing a mutually beneficial interaction between the cyber and physical components. Industrial Control System (ICS) is one example of CPS which integrates the physical (OT) and cyber domains (IT), which makes them more vulnerable to attacks. Two essential characteristics of Cyber-Physical Systems (CPS) are safety and security. Threat models are methods for identifying, analysing, and proposing security control countermeasures for threats and their capabilities. However, the threat model methods which are used for the traditional IT systems are not sufficient as they do not include the physical interactions, consequences and impacts to the safety aspects in the Operational Technology (OT). On the other hand, a risk assessment analyses attack scenario, examines cybersecurity from the attacker's point of view, and gives cost-benefit data to support the expenditure on security measures. This study proposes an inclusive attacker’s centric threat model and pro-active risk assessment model for CPS using Mamdani Fuzzy Inference System (FIS). The outcomes of the threat model prove that the lateral propagation of the threat is possible and threat may also propagate from the CPS assets to the IT segment. The risk assessment by using FIS shown that the safety and security risk for the CPS is significant and calculated as medium level. Hence, the risk factors that are considered in calculating the overall risk for a CPS need to be immediately addressed and mitigated.

show abstract

Cybersecurity Risk Assessment Based on Cognitive Attack Vector Modeling with CVSS Score

Cited by 7 publications

References 15 publications

Key Vulnerable Nodes Discovery Based on Bayesian Attack Subgraphs and Improved Fuzzy C-Means Clustering

Key Vulnerable Nodes Discovery Based on Bayesian Attack Subgraphs and Improved Fuzzy C-Means Clustering

A framework for automating environmental vulnerability analysis of network services

Security and Safety in Cyber-Physical System (CPS): An Inclusive Threat Model

Contact Info

Product

Resources

About