4th Int. Conf. on Computer and Knowledge Engineering (ICCKE 2014), 2014-10-29

Title: Network Security Risk Mitigation using Bayesian Decision Networks

Authors: Masoud Khosravi Farmad, Razieh Rezaee, Ahad Harati, Abbas Ghaemi Bafghi

Access to full-text not allowed by authors

Citation: BibTeX | EndNote

Network security risk assessment and mitigation are two processes in the risk management framework that must be performed accurately to improve the overall security level of a network. In this paper, to increase the accuracy of vulnerability exploitation probability estimation in the risk assessment phase, the temporal characteristics of vulnerabilities are considered in addition to their inherent characteristics. In the risk mitigation phase, Bayesian decision networks are used to model the interconnections between vulnerabilities that enable the attacker to achieve a particular goal, the security countermeasures covering these vulnerabilities, their cost of implementation, and the resulting outcome. Using Bayesian decision networks, our approach yields scalability and integration of the risk assessment and mitigation processes. A cost-benefit analysis is performed to identify the minimum-cost security hardening measures in situations where the budget allocated for network security hardening is limited. The experimental results show that the proposed method effectively improves the security level of a test network in terms of determining the optimal security risk mitigation plans.

Keywords

Security risk mitigation; Bayesian decision networks; Attack graphs; Vulnerability; CVSS

@inproceedings{paperid:1053916,
author = {Khosravi Farmad, Masoud and Rezaee, Razieh and Harati, Ahad and Ghaemi Bafghi, Abbas},
title = {Network Security Risk Mitigation using Bayesian Decision Networks},
booktitle = {4th Int. Conf. on Computer and Knowledge Engineering (ICCKE 2014)},
year = {2014},
location = {مشهد, IRAN},
keywords = {Security risk mitigation; Bayesian decision networks; Attack graphs; Vulnerability; CVSS framework;},
}


%0 Conference Proceedings
%T Network Security Risk Mitigation using Bayesian Decision Networks
%A Khosravi Farmad, Masoud
%A Rezaee, Razieh
%A Harati, Ahad
%A Ghaemi Bafghi, Abbas
%J 4th Int. Conf. on Computer and Knowledge Engineering (ICCKE 2014)
%D 2014
