Bayesian Decision Network-Based Security Risk Management Framework
- PDF / 1,913,635 Bytes
- 26 Pages / 439.37 x 666.142 pts Page_size
- 54 Downloads / 215 Views
Bayesian Decision Network‑Based Security Risk Management Framework Masoud Khosravi‑Farmad1 · Abbas Ghaemi‑Bafghi1 Received: 19 August 2019 / Revised: 30 May 2020 / Accepted: 17 July 2020 © Springer Science+Business Media, LLC, part of Springer Nature 2020
Abstract Network security risk management is comprised of several essential processes, namely risk assessment, risk mitigation and risk validation and monitoring, which should be done accurately to maintain the overall security level of a network in an acceptable level. In this paper, an integrated framework for network security risk management is presented which is based on a probabilistic graphical model called Bayesian decision network (BDN). Using BDN, we model the information needed for managing security risks, such as information about vulnerabilities, risk-reducing countermeasures and the effects of implementing them on vulnerabilities, with the minimum need for expert’s knowledge. In order to increase the accuracy of the proposed risk assessment process, vulnerabilities exploitation probability and impact of vulnerabilities exploitation on network assets are calculated using inherent, temporal and environmental factors. In the risk mitigation process, a cost-benefit analysis is efficiently done using modified Bayesian inference algorithms even in case of budget limitation. The experimental results show that network security level enhances significantly due to precise assessment and appropriate mitigation of risks. Keywords Risk assessment · Risk mitigation · Risk management framework · Costbenefit analysis · Decision making · Bayesian decision network
1 Introduction In today’s complex computer networks, one of the main challenges of the network security administrators is to identify, assess and prioritize the security risks to their network assets and also to determine appropriate mitigation strategies to address * Abbas Ghaemi‑Bafghi [email protected] Masoud Khosravi‑Farmad [email protected] 1
Data and Communication Security Lab., Computer Engineering Department, Ferdowsi University of Mashhad, Mashhad, Iran
13
Vol.:(0123456789)
Journal of Network and Systems Management
these risks. The net negative impact of the exploitation of a security vulnerability is called security risk which considers both the probability and the impact of vulnerability exploitation. Security risk management is the process of risk assessment, risk mitigation and risk validation and monitoring with the aim of minimizing or eliminating the potential risks in the systems [1–3]. Risk assessment process refers to identification and evaluation of risks, and also recommendation of risk-reducing countermeasures. In this classification, the risk assessment process includes risk analysis, which is the process of measuring the probability of vulnerabilities exploitation and their expected impact. Risk mitigation process includes prioritizing, implementing and maintaining the appropriate countermeasures recommended from the risk assessment process. Risk validation and moni
Data Loading...
