Fig 1 - uploaded by Suleyman Kondakci
Causal effect of two threat sources on the victim system. The DoS attack and the Trojan threat both affect system availability; however, in this example the system speed (a measure of availability) is affected only by the DoS threat. We need to know the probabilities of both the DoS and Trojan events, which, as shown in the figure, are defined as P(DoS) = 0.72 with complement P(¬DoS) = 0.28, and P(Trojan) = 0.16 with complement P(¬Trojan) = 0.84.

Source publication
Conference Paper
This paper presents a probabilistic approach to encode causal relationships among various threat sources and victim systems in order to facilitate quantitative and relational security assessment of information systems. In addition to providing a simple risk analysis approach compared to qualitative methods, it is unique in that it makes no a priori...

Contexts in source publication

Context 1
... simple domain modeled as a BBN is shown in Fig.1, which makes inference about the causal effect of two different threat sources (DoS and Trojan) on a victim system. ...
Context 2
... provide a quantitative description of eventual dependencies among the nodes, BBNs utilize probabilistic relations, rather than using deterministic expressions. The probabilistic relations of nodes are described by conditional probability tables (CPT), Fig.1. Once the probabilities of events are determined either empirically, by simulations, or by subjective expert opinions, we can collect some evidence for the decision-making. ...
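The figure caption above gives only the prior probabilities of the two threat sources, and Context 2 notes that the causal links are encoded as conditional probability tables. The following added example (not code from the paper or from ResearchGate) shows the kind of inference such a BBN supports: it uses the priors from Fig. 1, assumes a CPT in which system speed depends only on the DoS node and a second CPT in which availability depends on both threat nodes (both tables are constructed here for illustration and are not the paper's values), and computes marginals and posteriors by enumerating the joint distribution. The function names `joint` and `prob` are also the author's assumptions.

```python
"""Toy Bayesian belief network for the two-threat example of Fig. 1.

Nodes: dos, trojan (threat sources); speed_low (system speed, a measure
of availability); avail_low (overall availability).  Structure follows
the caption: speed_low depends on dos only; avail_low depends on both.
"""
from itertools import product

# Priors stated on the page (Fig. 1).
P_DOS = {True: 0.72, False: 0.28}
P_TROJAN = {True: 0.16, False: 0.84}

# Constructed CPT (assumption, not from the paper): P(speed_low | dos).
P_SPEED_LOW_GIVEN_DOS = {True: 0.90, False: 0.10}

# Constructed CPT (assumption, not from the paper): P(avail_low | dos, trojan).
P_AVAIL_LOW_GIVEN = {
    (True, True): 0.95,
    (True, False): 0.80,
    (False, True): 0.60,
    (False, False): 0.05,
}

VARS = ("dos", "trojan", "speed_low", "avail_low")


def joint(a):
    """Joint probability of one full assignment, via the chain rule over
    the network's parent structure."""
    p = P_DOS[a["dos"]] * P_TROJAN[a["trojan"]]
    ps = P_SPEED_LOW_GIVEN_DOS[a["dos"]]
    p *= ps if a["speed_low"] else 1.0 - ps
    pa = P_AVAIL_LOW_GIVEN[(a["dos"], a["trojan"])]
    p *= pa if a["avail_low"] else 1.0 - pa
    return p


def prob(query, evidence=None):
    """P(query | evidence) by exhaustive enumeration of the 16 joint states.

    query and evidence are dicts {var: bool}.  Enumeration is exact and
    fine for a handful of nodes; real assessments use a BBN engine.
    """
    evidence = evidence or {}
    numerator = denominator = 0.0
    for values in product((True, False), repeat=len(VARS)):
        a = dict(zip(VARS, values))
        if any(a[k] != v for k, v in evidence.items()):
            continue  # inconsistent with observed evidence
        p = joint(a)
        denominator += p
        if all(a[k] == v for k, v in query.items()):
            numerator += p
    return numerator / denominator


if __name__ == "__main__":
    # Prior risk of a slow system, before observing anything.
    print("P(speed_low)            =", round(prob({"speed_low": True}), 4))
    # Diagnostic inference: observing slowness raises belief in a DoS source.
    print("P(dos | speed_low)      =", round(prob({"dos": True}, {"speed_low": True}), 4))
    # Slowness says nothing about the Trojan, because speed depends on DoS only.
    print("P(trojan | speed_low)   =", round(prob({"trojan": True}, {"speed_low": True}), 4))
    # Availability loss is explained by both sources.
    print("P(avail_low)            =", round(prob({"avail_low": True}), 4))
    print("P(dos | avail_low)      =", round(prob({"dos": True}, {"avail_low": True}), 4))
```

Because `speed_low` has `dos` as its only parent, conditioning on a slow system leaves the Trojan's posterior at its prior of 0.16, which is exactly the independence the caption describes; the same query on `avail_low`, whose CPT lists both threats as parents, shifts belief in both sources.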

Citations

... From this point of view, it is possible to give the following classification of cause-and-effect relationships ( Fig. 2.3). The main property of cause-and-effect relationships is their antisymmetry and transitivity, which allows for any phenomenon that can act as a consequence to build a tree of causes or co-causes that can give rise to it [12][13][14]. This is where the temporal and causal logics meet. ...
... Such designs are hybrids, because the formation of an asymmetric cryptosystem (cryptosecurity is not based on a theoretical complexity problem - decoding a random code) is provided on the basis of the use of algebraic codes. According to USA NIST experts, to ensure cryptographic strength, the formation of noise-resistant codes is necessary over the Galois field (GF(2^10) to GF(2^13)), which is a rather difficult issue even with modern computing resources. The use in wireless cyber-physical systems requires a significant reduction in the field, which, on the one hand, will ensure a reduction in energy consumption, and on the other hand, it requires the required level of cryptographic strength. ...
... Fig. 2.13 Block diagram of the proposed method for providing security services in wireless channels based on crypto-code constructions for assessing the current state of the level of security based on the assessment of threats to a multicontour information protection system (IPS) Cyber-physical system Noise-immune codes: ЕС, МЕС, LDPC ...
... From this point of view, we can give the following classification of cause-and-effect relationships ( Table 4). The main property of cause-and-effect relationships is their antisymmetry and transitivity, which allows for any phenomenon that can act as a consequence to build a tree of causes or co-reasons that can give rise to it [13][14][15]. This is where the temporal and causal logics meet. ...
... As an example, there are works on improvement of IDS/IPS [24], [26] or anomaly detection on the basis of network traffic analysis, e.g. [5], [12], [15]. Even if activity of users and individual system components is analyzed, it is done only on the basis of data gathered from networking appliances and the rest of the infrastructure [21]. ...
... Readers can refer to [1] in order to capture a rather detailed overview of concepts available to the reliability analysis of computer networks. Additionally, we have many useful methods derived from the classical probabilistic models, which can be considered within the context of various security analyses, e.g., [9], [5], [10], [11], [12], [13], and [14]. Some reliability models are also based on comprehensive stochastic models, e.g., [15]. ...
Conference Paper
User vigilance and security awareness are two interrelated factors, which we often oversee and merely rely on the default configurations set by the related vendor. User-related mistakes can lead to serious threats to computerized systems. If not performed adequately, system maintenance tasks including backup, restore, patch, upgrade, and malconfigurations can create critical vulnerabilities throughout the Internet. This paper presents a numerical method to analyze the system availability and predict the cost of mistakes (or maloperations) done by users. A reliability-based impact analysis method with a concise formulation can help system administrators to easily capture the risks of human-rooted threats and take the necessary measures to mitigate them. The proposed work can be especially useful for the analysis of threats in social networks, because social networks are more vulnerable in the sense that they connect a heavily crowded community with relatively low security awareness, which encompasses a wide spectrum of user applications running on different platforms with different protection profiles. Due to the immense number of interconnections and highly improved communication infrastructures, viruses/worms, popups, phishers, and Trojans can easily propagate to millions of users in a few milliseconds of time, causing losses that are worth being aware of.
... Modelling of multi-stage attacks that occur as a series of steps is to be performed for the risk assessment process to be complete. Causality refers to the relation between an event which is the cause and another event the effect (Kondakci, 2010). Considering causality in risk assessment helps to correlate attack events that may happen within a time frame or from a single source or aimed at a single target. ...
... A quantitative risk assessment model proposed by Kondakci (2010) uses Bayesian belief networks to analyse and infer causality between threat events and assets for risk propagation in a large network. Directed acyclic causal graphs are used to model assets, whereas uncertainty analysis and risk inference are done by converting them into Bayesian belief networks. ...
Article
The knowledge and sophistication with which attacks are carried out in recent times make it essential for organisations to carry out risk assessment in a proactive manner in order to reduce the risk impact. Multi-stage attacks are a form of complex attacks which target more than one computer in a network to carry out an attack. In order to have effective risk management, the multi-stage attacks that occur in multiple steps also need to be considered. To predict multi-stage attacks, the causality between the steps in the execution of the attack needs to be modelled, which can be done using fuzzy cognitive maps. Fuzzy cognitive maps can serve as a reasoning tool as they provide the fuzzy degree of causation between the events. The proposed system makes use of fuzzy cognitive maps to model the causally dependent events to predict multi-stage attacks.
... Amongst others, the intended contribution of this paper is mainly to define a generic model for emphasizing risks caused by various threat sources. Some related models considering similar problems dealing with IP networks are presented in [7] and [8]. As also stated by several SGN forums, cyber security must address not only deliberate attacks, such as from disgruntled employees, industrial espionage, and terrorists, but inadvertent compromises of the information infrastructure due to user errors, equipment failures, and natural disasters. ...
Conference Paper
A set of models is presented here for analyzing risks to smart grid networks and for the determination of joint risks caused by multiple threat sources. Regarding heterogeneous communication environments, it is still an open issue to define justifiable models that can associate a risk assessment and its decision-making process on a solid ground. This numerically astute model proposes a novel concept that can help a security evaluator to quantitatively determine dependence and causality within a network of interconnected systems and their applications.
... example, as rigorously discussed and modeled by [17], most malware attacks taking advantage of the vulnerable applications on a computer occur mostly at random times. As extensively discussed by [16,[34][35][36], usage profiles basically affected by the user vigilance are also of a stochastic character. Consequently, unless otherwise specified, attacks, exploits, vulnerabilities, risks, failures, and the overall impact are considered as random processes, random functions, or variables as appropriate. ...
... Therefore, it can be advantageous to first analyze the attacks in order to facilitate the analysis of failures and impacts. Causal and harmonic effects of the threats can also arise due to the consecutive attacks emanating from different sources [34][35][36][37][38]. ...
... In a more general case, depending on the components' interaction structure with each other, we can model the system as a series-parallel system. The overall risk is then dominated by the cascade causality among the interacting components [36]. Bayesian belief networks can be effectively used for the majority of cases, where the causal interdependence among system components are definable. ...
... Additional increases in the risk levels of the unprotected (upper curve) assets were observed. This was due to some causal effects [38], whereas the consecutive attacks were triggering other inherent vulnerabilities. For example, after successfully performing an SQL injection, some other inherent or implanted attacks (e.g., injected scripts) have been activated as a result of this exploit. ...
... eventual chain effects caused by some unknown/hidden threats [38,39]. ...
Article
This paper presents a new concept for information security assessments while promoting several areas of its application. Threat generation, attack pattern analysis, quantitative risk computation, and network security monitoring locally or remotely are the major application areas of this concept. Instead of testing assets one by one, by applying separate repetitive attacks and assessments, the presented system generates and executes attacks once on a sample group, composes assessment data, and uses the data for the assessment of an entire network. This unique approach can be used as a model to guide the development of tool-based assessment systems, intelligent network security analysis, monitoring systems, and also as a complementary function in information security test and evaluation laboratories. Copyright © 2012 John Wiley & Sons, Ltd.
... Online risk assessment is very important in terms of minimizing the performance cost incurred. In the dynamic model, we can dynamically evaluate attack cost by propagating the impact of confidentiality, integrity and availability through dependencies model or attack graph [6][7][8][9][10][11][12]. (2) Offline: in Information security management system we use offline risk assessment. ...
Article
Iterative and incremental mechanisms are not usually considered in existing approaches for an information security management system (ISMS). In this paper, we propose SUP (security unified process) as a unified process to implement a successful and high-quality ISMS. A disciplined approach can be provided by SUP to assign tasks and responsibilities within an organization. The SUP architecture comprises static and dynamic dimensions; the static dimension, or disciplines, includes business modeling, assets, security policy, implementation, configuration and change management, and project management. The dynamic dimension, or phases, contains inception, analysis and design, construction, and monitoring. Risk assessment is a major part of the ISMS process. In SUP, we present a risk assessment model, which uses a fuzzy expert system to assess risks in an organization. Since the classification of assets is an important aspect of risk management and ensures that effective protection occurs, a Security Cube is proposed to identify organization assets as an asset classification model. The proposed model leads us to have an offline system health monitoring tool that is really a critical need in any organization.
Article
This paper presents a recurrent epidemic model (REM) to explore the dynamics of Internet epidemiology through the phases of susceptibility to recovery. From both theoretical and practical standpoints, it has two main differences compared to bare worm propagation modeling. In the first place, it defines a unique stochastic model of a general infection spread. In the second place, it models the recovery process as a stochastic queueing system, which accurately partitions the diagnosis, quarantine, disinfection and recovery processes and complements it as a recurrent failure-repair management model, which is entirely unique. There still exists an open question of how to model propagation patterns of infections and the accompanying recovery models needed for effectively managing the infected individuals. The REM model is a unique concept in determining the parameters for estimating the recovery efficiency of disrupted systems and for developing long-term recovery strategies under different epidemic situations. Existing infection and worm propagation models can also be used in cooperation with REM in order to analyse the necessary quarantine and recovery processes. REM can also be applied for the accurate classification of the phases in epidemic dynamics and the states of affected systems in general, and also be used as a guideline for developing stochastic simulations covering various types of systems with recurrent state dynamics in order to facilitate reliability analysis of the systems. Copyright © 2011 John Wiley & Sons, Ltd.