Hybrid Risk Assessment Model Based on Bayesian Networks

Aguessy, François-Xavier; Bettan, Olivier; Blanc, Grégory; Conan, Vania; Debar, Hervé

doi:10.1007/978-3-319-44524-3_2

Cited by 7 publications

(3 citation statements)

References 14 publications

(22 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another strategy relies on Bayesian-based reasoning, in which graph edges and vertices are assigned probabilities based on their likelihood of being affected by the exploitation of underlying vulnerabilities. However, the nature of adversaries is driven by the achievement of detrimental goals against the system rather than probabilities or topological weights [3].…”

Section: Related Work a Vulnerability Quantificationmentioning

confidence: 99%

Exploring the Quantitative Resilience Analysis of Cyber-Physical Systems

Dagnas,

Barbeau,

Boutin

et al. 2023

2023 IFIP Networking Conference (IFIP Networking)

View full text Add to dashboard Cite

With technological advances, Cyber-Physical Systems (CPSs), specifically critical infrastructures, have become strongly connected. Their exposure to cyber adversaries is higher than ever. The number of cyber-attacks perpetrated against critical infrastructure is growing in number and sophistication. The protection of such complex systems is of paramount importance. Resilience applied to critical infrastructures aims at protecting these vital systems from cyber-attacks and making them continue to deliver a certain level of performance, even when attacks occur. In this work, we explore new advances related to cyber-resilience applied to CPSs. We also explore using a metric to quantify the resilience of critical infrastructures. As a use case, we consider a water treatment system.

show abstract

Section: Related Work a Vulnerability Quantificationmentioning

confidence: 99%

Exploring the Quantitative Resilience Analysis of Cyber-Physical Systems

Dagnas,

Barbeau,

Boutin

et al. 2023

2023 IFIP Networking Conference (IFIP Networking)

View full text Add to dashboard Cite

show abstract

“…Shin et al 29 developed a risk model to represent the probability of cyber attacks and how an organization complies with security policies. Augessy et al 30 proposed an approach to model ongoing and possible future attacks. Khosravi-Farhad et al 31,32 proposed the use of the Bayesian decision networks to measure the impact of vulnerabilities and to find minimum-cost security measures.…”

Section: Attack Graphs and Bayesian Network In Cybersecuritymentioning

confidence: 99%

Mission‐centric decision support in cybersecurity via Bayesian Privilege Attack Graph

Javorník

Husák

2022

Engineering Reports

View full text Add to dashboard Cite

We present an approach to decision support in cybersecurity with respect to cyber threats and stakeholders' requirements. We approach situations in which cybersecurity experts need to take actions to mitigate the risks, such as temporarily putting an IT system out of operation, but need to consult them with other stakeholders. We propose a decision support system that uses a mission decomposition model representing the organization's functional and security requirements on its IT infrastructure. Based on the cybersecurity state assessment, that is, discovery of vulnerabilities and attacker's position, the decision support system calculates the resilience metrics for each IT infrastructure's configuration, that is, how likely are they to not be disrupted. The calculation is enabled by two novel formal models, Privilege-Exploit Attack Graph and Bayesian Privilege Attack Graph, which reduce complex attack graphs into a comprehensible bipartite graph. Moreover, they illustrate the impact of exploiting the vulnerabilities and attackers gaining the privileges. The system recommends the most resilient mission configurations that are comprehensible to both cybersecurity experts and non-technical stakeholders, who may then choose which configuration to apply. Our approach is illustrated in a case study of a real-world medical information system.

show abstract

“…Similarly, probabilistic models using Bayesian networks can also represent attack graphs via directed acyclic graphs. Nodes represent random variables and edges represent probabilistic dependencies between variables [3]. An example is BAM (Bayesian Attack Model) [4], which builds upon Bayesian attack trees.…”

Section: Literature On Attack Graphsmentioning

confidence: 99%

Ontology-based Attack Graph Enrichment

Saint-Hilaire¹,

Cuppens²,

Cuppens³

et al. 2022

Preprint

View full text Add to dashboard Cite

Attack graphs provide a representation of possible actions that adversaries can perpetrate to attack a system. They are used by cybersecurity experts to make decisions, e.g., to decide remediation and recovery plans. Different approaches can be used to build such graphs. We focus on logical attack graphs, based on predicate logic, to define the causality of adversarial actions. Since networks and vulnerabilities are constantly changing (e.g., new applications get installed on system devices, updated services get publicly exposed, etc.), we propose to enrich the attack graph generation approach with a semantic augmentation post-processing of the predicates. Graphs are now mapped to monitoring alerts confirming successful attack actions and updated according to network and vulnerability changes. As a result, predicates get periodically updated, based on attack evidences and ontology enrichment. This allows to verify whether changes lead the attacker to the initial goals or to cause further damage to the system not anticipated in the initial graphs. We illustrate the approach under the specific domain of cyber-physical security affecting smart cities. We validate the approach using existing tools and ontologies.

show abstract

Hybrid Risk Assessment Model Based on Bayesian Networks

Cited by 7 publications

References 14 publications

Exploring the Quantitative Resilience Analysis of Cyber-Physical Systems

Exploring the Quantitative Resilience Analysis of Cyber-Physical Systems

Mission‐centric decision support in cybersecurity via Bayesian Privilege Attack Graph

Ontology-based Attack Graph Enrichment

Contact Info

Product

Resources

About