Journal Article10.1007/S11042-017-5602-0
Security risk situation quantification method based on threat prediction for multimedia communication network
Hao Hu,Hongqi Zhang,Yingjie Yang +2 more
15
TL;DR: This work proposes a novel method for threat identification, and further builds a quantitative security risk model with it, which enables a manager to quantify the risks of any identified threat or ongoing attack and to recognize the vulnerable multimedia devices to keep secure multimedia communication.
read more
Abstract: Multimedia communication network has gained remarkable popularity by a wide spectrum of users nowadays. It is easier that the potential threats conceal within the large-scale net flow of multimedia communication traffic. Once vulnerability exploitation occurs, the latent risk will be brought to the surface, causing a series of safety problems. Thus, the vulnerability analysis and threat prediction are becoming critical issues. Recently years, many investigations have been made. However, they are not sufficient. To provide a comprehensive view of the threat scenario and present a quantitative risk-aware approach, we propose a novel method for threat identification, and further we build a quantitative security risk model with it. Actually, two algorithms are proposed, namely dynamic Bayesian attack graph based threat prediction algorithm, and threat prediction based security risk quantification algorithm. The first algorithm aims to provide full prediction information with threat scenario. The second algorithm quantifies the threat in the first algorithm into the security risk from two levels: host and network. The examples indicate that our method is feasible and scalable, which enables a manager to quantify the risks of any identified threat or ongoing attack and to recognize the vulnerable multimedia devices to keep secure multimedia communication.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Cybersecurity Risk Assessment: A Systematic Mapping Review, Proposal, and Validation
TL;DR: In this article , the authors present a systematic mapping review (SMR) of tools that automate the cybersecurity risk assessment stage based on studies published in the last decade and identify the differences (reference models and applications) and coverage of the main qualitative and quantitative models.
An Environment-Specific Prioritization Model for Information-Security Vulnerabilities Based on Risk Factor Analysis
TL;DR: In this article , a mathematical prioritization model was developed, which allows for calculating the risk factor using the phases of collection, analysis, and extraction of knowledge from the open information sources of the OSINT framework.
ATT&CK-based Advanced Persistent Threat attacks risk propagation assessment model for zero trust networks
Jingci Zhang,Jun Zheng,Zheng Zhang,Tian Chen,Yuan Tan,Quanxin Zhang,Yuanzhang Li +6 more
- 01 Mar 2024
TL;DR: This paper proposes a novel ATT&CK-based risk propagation assessment model for zero trust networks to mitigate Advanced Persistent Threat (APT) attacks, leveraging the Markov chain model and frequent item set analysis to enhance cyber threat penetration attack prediction and mitigation.
7
Behavioral Authentication for Security and Safety
Cheng Wang,Hao Tang,Hang Zhu,Junhan Zheng,Changjun Jiang +4 more
TL;DR: This review provides a comprehensive examination of the background and preliminaries of behavioral authentication and summarizes existing research based on their respective focus areas and characteristics.
3
Behavioral Authentication for Security and Safety
Cheng Wang,Hao Tang,Hangyu Zhu,J. P. Zheng,Changjun Jiang +4 more
TL;DR: Behavioral authentication is a method for security and safety based on the appropriateness of behavior. It involves classifying behavior into different levels of appropriateness and degrees of custodies.
3
References
Design and evaluation for situation awareness enhancement
Mica R. Endsley
- 01 Oct 1988
TL;DR: A discussion of the SA construct, important considerations facing designers of aircraft systems, and current research in the area of SA measurement are presented.
2K
Intrusion detection systems and multisensor data fusion
TL;DR: The vast majority of security professionals would agree that real-time ID systems are not technically advanced enough to detect sophisticated cyberattacks by trained professionals, but these systems have not matured to a level where sophisticated attacks are reliably detected, verified, and assessed.
703
•Proceedings Article
MulVAL: a logic-based network security analyzer
Xinming Ou,Sudhakar Govindavajhala,Andrew W. Appel +2 more
- 31 Jul 2005
TL;DR: MulVAL is an end-to-end framework and reasoning system that conducts multihost, multistage vulnerability analysis on a network and can reason about 84% of the Red Hat bugs reported in OVAL, a formal vulnerability definition language.
Review: Situation identification techniques in pervasive computing: A review
TL;DR: A comprehensive analysis of the nature and characteristics of situations is provided, the complexities of situation identification are discussed, and the techniques that are most popularly used in modelling and inferring situations from sensor data are reviewed.
488
Game strategies in network security
Kong-Wei Lye,Jeannette M. Wing +1 more
TL;DR: In this paper, the interactions between an attacker and an administrator were modeled as a two-player stochastic game and a nonlinear program was used to compute Nash equilibria or best-response strategies for the players (attacker and administrator).