Security risk situation quantification method based on threat prediction for multimedia communication network

Hu, Hao; Zhang, Hongqi; Yang, Yan

doi:10.1007/s11042-017-5602-0

Cited by 13 publications

(5 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Likewise, Deb and Roy [16] present a mathematical implementation to identify the status of the different hosts on the network. On the other hand, Hu et al [17] propose two algorithms. The first algorithm aims to provide comprehensive predictive information with the threat scenario.…”

Section: Discussionmentioning

confidence: 99%

“…The CVSS and the Bayesian network are robust methodologies for determining the mutual relationship between vulnerabilities and prioritizing the effective care process. On the other hand, Hu et al [17] propose two algorithms, the threat prediction algorithm based on a dynamic Bayesian graph and the security risk quantification algorithm based on threat prediction. The first algorithm aims to provide comprehensive predictive information under a specific threat scenario.…”

Section: State Of the Art Of Current Vulnerability Prioritizationmentioning

confidence: 99%

“…Compared to our study, the analyzed works provide relevant information about certain network environment variables and how they are quantified [10,18]. They also allow the definition of validation rules based on the results obtained in [5,14,17]. On the other hand, one of the approaches is to propose improvements in the CVSS model [1][2][3].…”

Section: State Of the Art Of Current Vulnerability Prioritizationmentioning

confidence: 99%

See 2 more Smart Citations

An Environment-Specific Prioritization Model for Information-Security Vulnerabilities Based on Risk Factor Analysis

et al. 2022

View full text Add to dashboard Cite

Vulnerabilities represent a constant and growing risk for organizations. Their successful exploitation compromises the integrity and availability of systems. The use of specialized tools facilitates the vulnerability monitoring and scanning process. However, the large amount of information transmitted over the network makes it difficult to prioritize the identified vulnerabilities based on their severity and impact. This research aims to design and implement a prioritization model for detecting vulnerabilities based on their network environment variables and characteristics. A mathematical prioritization model was developed, which allows for calculating the risk factor using the phases of collection, analysis, and extraction of knowledge from the open information sources of the OSINT framework. The input data were obtained through the Shodan REST API. Then, the mathematical model was applied to the relevant information on vulnerabilities and their environment to quantify and calculate the risk factor. Additionally, a software prototype was designed and implemented that automates the prioritization process through a Client–Server architecture incorporating data extraction, correlation, and calculation modules. The results show that prioritization of vulnerabilities was achieved with the information available to the attacker, which allows evaluating the overexposure of information from organizations. Finally, we concluded that Shodan has relevant variables that assess and quantify the overexposure of an organization’s data. In addition, we determined that the Common Vulnerability Scoring System (CVSS) is not sufficient to prioritize software vulnerabilities since the environments where they reside have different characteristics.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: State Of the Art Of Current Vulnerability Prioritizationmentioning

confidence: 99%

Section: State Of the Art Of Current Vulnerability Prioritizationmentioning

confidence: 99%

See 1 more Smart Citation

An Environment-Specific Prioritization Model for Information-Security Vulnerabilities Based on Risk Factor Analysis

et al. 2022

View full text Add to dashboard Cite

show abstract

“…is method of user identification is relatively easy, but it is not secure, and the password is easy to be disclosed. erefore, with the development of database applications, password authentication, digital authentication, smart card authentication, and personal identity authentication are also introduced, which improves the security of the system within a limited scope [9,10].…”

Section: Commonly Used Data Algorithm Encryption Formula and Measuresmentioning

confidence: 99%

The Application of Data Encryption Technology in Computer Network Communication Security

Guanxiu

2022

Mobile Information Systems

View full text Add to dashboard Cite

With the development of computer network and the popularization of information system, the security of databases, as platforms for centralized storage and sharing of information system data, has increasingly become a serious problem in the field of information security, so data encryption technology has come into people’s sight. However, the current data encryption technology still has certain shortcomings, such as the inconsistency of the code text of the encryption and decryption technology, and the low efficiency of decoding and encryption. The purpose of this paper is to study the application of data encryption technology in computer network communication to provide better suggestions and explore better methods for improving network communication security system. This article, through the analysis of the database threat model and database application system structure, puts forward a design scheme of database encryption system model. A complete database encryption system can be divided into five logic modules: a key storage module, key engine module, key information module, key management module, and data storage module, and provides an in-depth analysis of the various parts and implementation details related to these modules. Finally, the designed encryption system model is programmed to be implemented; with the help of online examination system, the function and performance of the encryption system were tested; and the transmission efficiency of data encryption is maintained at more than 95%, which proves the effectiveness of the system.

show abstract

Section: Commonly Used Data Algorithm Encryption Formula and Measuresmentioning

confidence: 99%

Application of Data Encryption Technology in Computer Network Communication Security

2022

Foreign Language Science and Technology Journal Database Natural Science

View full text Add to dashboard Cite

With the development of computer network and the popularization of information system, the security of databases, as platforms for centralized storage and sharing of information system data, has increasingly become a serious problem in the eld of information security, so data encryption technology has come into people's sight. However, the current data encryption technology still has certain shortcomings, such as the inconsistency of the code text of the encryption and decryption technology, and the low e ciency of decoding and encryption. e purpose of this paper is to study the application of data encryption technology in computer network communication to provide better suggestions and explore better methods for improving network communication security system. is article, through the analysis of the database threat model and database application system structure, puts forward a design scheme of database encryption system model. A complete database encryption system can be divided into ve logic modules: a key storage module, key engine module, key information module, key management module, and data storage module, and provides an in-depth analysis of the various parts and implementation details related to these modules. Finally, the designed encryption system model is programmed to be implemented; with the help of online examination system, the function and performance of the encryption system were tested; and the transmission e ciency of data encryption is maintained at more than 95%, which proves the e ectiveness of the system.

show abstract

Security risk situation quantification method based on threat prediction for multimedia communication network

Cited by 13 publications

References 23 publications

An Environment-Specific Prioritization Model for Information-Security Vulnerabilities Based on Risk Factor Analysis

An Environment-Specific Prioritization Model for Information-Security Vulnerabilities Based on Risk Factor Analysis

The Application of Data Encryption Technology in Computer Network Communication Security

Application of Data Encryption Technology in Computer Network Communication Security

Contact Info

Product

Resources

About