Using Bayesian networks for cyber security analysis

Xie, Peng; Li, Jason H.; Ou, Xinming; Liu, Peng; Levy, Renato

doi:10.1109/dsn.2010.5544924

Cited by 84 publications

(27 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Researchers have used Bayesian network models in intrusion detection systems. Those models have the flexibility to be combined with other techniques, yet authors in Xie et al (2010) warn that the combination should be done with preserving Bayesian networks strength to identify and represent relevant uncertainties. Many of the behavioral theories can be tested by simulation.…”

Section: Modeling and Simulationmentioning

confidence: 99%

Review and insight on the behavioral aspects of cybersecurity

Lahcen

Caulkins²,

Mohapatra

et al. 2020

Cybersecur

View full text Add to dashboard Cite

Stories of cyber attacks are becoming a routine in which cyber attackers show new levels of intention by sophisticated attacks on networks. Unfortunately, cybercriminals have figured out profitable business models and they take advantage of the online anonymity. A serious situation that needs to improve for networks' defenders. Therefore, a paradigm shift is essential to the effectiveness of current techniques and practices. Since the majority of cyber incidents are human enabled, this shift requires expanding research to underexplored areas such as behavioral aspects of cybersecurity. It is more vital to focus on social and behavioral issues to improve the current situation. This paper is an effort to provide a review of relevant theories and principles, and gives insights including an interdisciplinary framework that combines behavioral cybersecurity, human factors, and modeling and simulation.

show abstract

Section: Modeling and Simulationmentioning

confidence: 99%

Review and insight on the behavioral aspects of cybersecurity

Lahcen

Caulkins²,

Mohapatra

et al. 2020

Cybersecur

View full text Add to dashboard Cite

show abstract

“…In recent years, research has been conducted on the dynamics and implementation of cyber attacks to better analyze the impact of those attackers. Studies have been conducted on the use of network vulnerabilities to identify possible and realistic ways to attack [1][2][3][4][5][6]. Thus, [1] provides specific examples of large-scale cyber attacks.…”

Section: Literature Review and Problem Statementmentioning

confidence: 99%

Development of the space-time structure of the methodology for modeling the behavior of antagonistic agents of the security system

Milov

Hrebeniuk

Nalyvaiko

et al. 2020

EEJET

View full text Add to dashboard Cite

“…t |Pa(Z i t )) for all t > 1. In literature [45], Bayesian network is used to capture the uncertainty in attack structures, attacker actions and alerts. To capture the uncertainty in attack structure, CVSS metrics such as Access Complexity (AC) and Exploitability (E) are used to derive the CPT parameters.…”

Section: The Nodes In the First Slice Of A 2tbn Do Not Have Any Parammentioning

confidence: 99%

“…In literature [45], zero-day vulnerability is first mentioned in the domain of using Bayesian network for network security analysis, but the technology of unknown vulnerability risk assessment is not given.…”

Section: ) Applying Bn To Uvramentioning

confidence: 99%

Unknown Vulnerability Risk Assessment Based on Directed Graph Models: A Survey

2019

IEEE Access

View full text Add to dashboard Cite

Nowadays, vulnerability attacks occur frequently. Due to the information asymmetry between attackers and defenders, vulnerabilities can be divided into known and unknown. Existing researches mainly focus on the risk assessment of known vulnerabilities. However, unknown vulnerabilities are more threatening and harder to detect. Therefore, unknown vulnerability risk assessment deserves the widespread attention. To model the exploit process, directed graph models are applied to vulnerability risk assessment. And security metrics are used to quantify the exploitability of vulnerabilities. In this paper, according to the data source of nodes, related works of unknown vulnerability risk assessment based on directed graph models are divided into two types. One is based on network-level data, the other is based on system-level data. The former is to visualize the network status, while the latter is to reflect the running process of the system. The concept and purpose of these directed graph models are given at first. Then, these models are analyzed from three aspects, including advantages, flaws and solutions. After that, challenges and solutions of unknown vulnerability risk assessment based on directed graph models are given. Meantime, security metrics for unknown vulnerability risk assessment based on directed graph models are summarized and classified. Finally, future work directions of unknown vulnerability risk assessment are discussed from the perspective of techniques and application trends. Consequently, this paper can fill in the lack of current survey on unknown vulnerability risk assessment based on directed graph models. INDEX TERMS Directed graph model, risk assessment, security metric, unknown vulnerability.

show abstract

Using Bayesian networks for cyber security analysis

Abstract: Abstract

Cited by 84 publications

References 21 publications

Review and insight on the behavioral aspects of cybersecurity

Review and insight on the behavioral aspects of cybersecurity

Development of the space-time structure of the methodology for modeling the behavior of antagonistic agents of the security system

Unknown Vulnerability Risk Assessment Based on Directed Graph Models: A Survey

Contact Info

Product

Resources

About