Recommender Systems Meeting Security: From Product Recommendation to Cyber-Attack Prediction

Polatidis, Nikolaos; Pimenidis, Elias; Pavlidis, Michalis; Mouratidis, Haralambos

doi:10.1007/978-3-319-65172-9_43

Cited by 16 publications

(15 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Its dynamic and collaborative notion derives from an evidence-driven Maritime Supply Chain Risk Assessment (MSCRA) holistic approach [56][57][58], which is implemented towards a step-by-step risk management methodology providing an holistic view of maritime logistics infrastructures and their supply chains, enabling cooperation and risk-handling transparency among supply chain stakeholders and generating unique evidence about risk assessment and mitigation. This is achieved by an open simulation environment that allows the business partners to simulate risks and evaluate risk mitigation actions.…”

Section: An Evidence-driven Holistic Approachmentioning

confidence: 99%

“…The identification and analysis of composite interdependencies between supply chain entities and their cyber-assets drive the process of assessing the propagation of incidents through multiple ICT networks. An application of game-theoretic algorithms yields the recognition of optimal mitigation actions, capturing a worst-case scenario damage for the defender, based on the game-theoretic risk management approach described in Reference [59], the mathematical module for uncertain payoffs described in Reference [60] and potential attack strategies presented in References [57,58,61]. In this context, the MITIGATE methodology focuses on the following objectives:…”

Section: An Evidence-driven Holistic Approachmentioning

confidence: 99%

“…This MITIGATE service provides guidance to the MLoSC operators to assess and organize the cybersecurity issues associated with the supply chain services in which they are involved. Moreover, the MITIGATE system encompasses and executes an evaluation process that implements the main steps of the proposed MSCRA approach [56][57][58]61]. Furthermore, MLoSC operators, such as Port employees, SCADA operators, forwarders, Port Authorities, shipping and carrier agencies, can use this service to identify and measure all relevant cyber threats, vulnerabilities, assess the possible impacts and derive and prioritize the corresponding risks.…”

Section: Supply Chain Risk Analysis (Sas-5)mentioning

confidence: 99%

“…Moreover, the mapping of attacker's capability with respect to the asset-vulnerability combination provides the likelihood that an attacker may be able to exploit a specific vulnerability. This estimation relies on a qualitative nature of a five-tier nominal scale, which is thoroughly analyzed in References [56][57][58]: (i) "Very High" (VH) risk is expected to occur within the assets of the business partner with very high probability and an incident has been realized more than once in the last year (12 month period); (ii) "High" (H) risk is expected to occur within the assets of the business partner with high probability and an incident has been realized once in the last 1 year (12 month period); (iii) "Moderate" (M) risk is expected to occur within the assets of the business partner with moderate probability, where more than one incident has been realized over the last 2 years; (iv) "Low" (L) risk is expected to occur within the assets of the business partner with low probability, where at most one incident has been realized over the last 2 years; (v) "Very Low" (VL) risk is expected to occur within the assets of the business partner with very low probability, where at most one incident or no incident has been realized over the last 3 years. To classify the asset's risk, the worst-case scenario of the vulnerability risks per asset is used to introduce the "Dominant Individual Risk Level", which is additionally visualized by a Risk Analysis Diagram.…”

Section: Supply Chain Risk Analysis (Sas-5)mentioning

confidence: 99%

See 3 more Smart Citations

A Novel Risk Assessment Methodology for SCADA Maritime Logistics Environments

et al. 2018

Self Cite

View full text Add to dashboard Cite

In recent years maritime logistics infrastructures are the global links among societies and economies. This challenges adversaries to intrude on the cyber-dependent ICTs by performing high-level intelligent techniques. A potential cyber-attack on such infrastructures can cause tremendous damages starting from supply chain service disruption ending up with threatening the whole human welfare. Current risk management policies embed significant limitations in terms of capturing the specific security requirements of ICTs and control/monitoring devices, such as IoT platforms, satellites and time installations, which are primary functioning for the provision of Maritime Logistics and Supply Chain (MLoSC) services. This work presents a novel risk assessment methodology capable of addressing the security particularities and specificities of the complex nature of SCADA infrastructures and Cyber-Physical Systems (CPSs) of the Maritime Logistics Industry. The methodology identifies asset vulnerabilities and threats to estimate the cyber-risks and their cascading effects within the supply chain, introducing a set of subsequent security assessment services. The utilization of these services is demonstrated via a critical, real-life SCADA scenario indicating how they can facilitate supply chain operators in comprehending the threat landscape of their infrastructures and guide them how to adopt optimal mitigation strategies to counter or eliminate their cyber-risks.

show abstract

Section: An Evidence-driven Holistic Approachmentioning

confidence: 99%

Section: An Evidence-driven Holistic Approachmentioning

confidence: 99%

Section: Supply Chain Risk Analysis (Sas-5)mentioning

confidence: 99%

Section: Supply Chain Risk Analysis (Sas-5)mentioning

confidence: 99%

See 2 more Smart Citations

A Novel Risk Assessment Methodology for SCADA Maritime Logistics Environments

et al. 2018

Self Cite

View full text Add to dashboard Cite

show abstract

“…CSRR provides a comprehensive basis from which alternative security solutions are identified, based on specific stakeholder's needs. [13] provides a recommender system to predict cyberattacks by identifying attack paths and demonstrates how a recommendation method can be used to classify future cyber attacks. [10] introduced an interactive user interface for security analysts that recommends what data to protect, visualizes simulated protection impact, and helps build protection plans.…”

Section: Introductionmentioning

confidence: 99%

MENTOR: The Design and Evaluation of a Protection Services Recommender System

Franco

Rodrigues

Stiller

2019

2019 15th International Conference on Network and Service Management (CNSM)

View full text Add to dashboard Cite

Cyberattacks are the cause of several damages on governments and companies in the last years. Such damage includes not only leaks of sensitive information, but also economic loss due to downtime of services. The security market size worth billions of dollars, which represents investments to acquire protection services and training response teams to operate such services, determines a considerable part of the investment in technologies around the world. Although a vast number of protection services are available, it is neither trivial for network operators nor endusers to choose one of them in order to prevent or mitigate an imminent attack. As the next-generation cybersecurity solutions are on the horizon, systems that simplify their adoption are still required in support of security management tasks. Thus, this paper introduces MENTOR, a support tool for cybersecurity, focusing on the recommendation of protection services. MENTOR is able to (a) to deal with different demands from the user and (b) to recommend the adequate protection service in order to provide a proper level of cybersecurity in different scenarios. Four similarity measurements are implemented in order to prove the feasibility of the MENTOR's engine. An evaluation determines the performance and accuracy of each measurement used during the recommendation process.

show abstract

Mission‐centric decision support in cybersecurity via Bayesian Privilege Attack Graph

Javorník

Husák

2022

Engineering Reports

View full text Add to dashboard Cite

We present an approach to decision support in cybersecurity with respect to cyber threats and stakeholders' requirements. We approach situations in which cybersecurity experts need to take actions to mitigate the risks, such as temporarily putting an IT system out of operation, but need to consult them with other stakeholders. We propose a decision support system that uses a mission decomposition model representing the organization's functional and security requirements on its IT infrastructure. Based on the cybersecurity state assessment, that is, discovery of vulnerabilities and attacker's position, the decision support system calculates the resilience metrics for each IT infrastructure's configuration, that is, how likely are they to not be disrupted. The calculation is enabled by two novel formal models, Privilege-Exploit Attack Graph and Bayesian Privilege Attack Graph, which reduce complex attack graphs into a comprehensible bipartite graph. Moreover, they illustrate the impact of exploiting the vulnerabilities and attackers gaining the privileges. The system recommends the most resilient mission configurations that are comprehensible to both cybersecurity experts and non-technical stakeholders, who may then choose which configuration to apply. Our approach is illustrated in a case study of a real-world medical information system.

show abstract

Recommender Systems Meeting Security: From Product Recommendation to Cyber-Attack Prediction

Cited by 16 publications

References 40 publications

A Novel Risk Assessment Methodology for SCADA Maritime Logistics Environments

A Novel Risk Assessment Methodology for SCADA Maritime Logistics Environments

MENTOR: The Design and Evaluation of a Protection Services Recommender System

Mission‐centric decision support in cybersecurity via Bayesian Privilege Attack Graph

Contact Info

Product

Resources

About