A threat risk estimation model for computer network security

Risk analysis of security threats in computer networks is one of the most challenging fields in network management. Security risk analysis is usually performed by security experts. Although they use analysis tools such as scanners and analyzers, expert involvement remains necessary. To reduce the security expertise a network administrator needs while still performing security risk management, this paper proposes UML models to represent the expert's security information. We propose a UML class diagram built from the classes necessary for security analysis of networks. These classes are the building blocks needed to estimate the probability and effects of security threats. The model is created once and represents the security information needed for analysis. To analyze a given network, the required objects are instantiated from the provided classes. These objects form the security model of the network, in which all the threats and their risks are specified. Instantiating the objects of the network security model requires information about the network. This information is usually available in the network's documentation or can be obtained via automated scanners. We show the applicability of the proposed model on a test network. As a result, the security model of the network, which contains its security threats and their risks, is obtained.
