Risk Assessment for Cyber Security of Manufacturing Systems: A Game Theory Approach

Zarreh, Alireza; Wan, Hung-da; Lee, Yooneun; Saygin, Can; Janahi, Rafid Al

doi:10.1016/j.promfg.2020.01.077

Cited by 21 publications

(7 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The management of this risk should give a general view of the organization through the cataloguing of resources, the identification of threats and the valuing of vulnerabilities [9]. In a Cyber scenario, Risk Management should be done on very different and complex systems with the aim of identifying the risk, then validate it and, lastly, consider responses to the risk [10].…”

Section: Risk Managementmentioning

confidence: 99%

A Web Platform for Integrated Vulnerability Assessment and Cyber Risk Management

et al. 2019

View full text Add to dashboard Cite

Cyber risk management is a very important problem for every company connected to the internet. Usually, risk management is done considering only Risk Analysis without connecting it with Vulnerability Assessment, using external and expensive tools. In this paper we present CYber Risk Vulnerability Management (CYRVM)-a custom-made software platform devised to simplify and improve automation and continuity in cyber security assessment. CYRVM's main novelties are the combination, in a single and easy-to-use Web-based software platform, of an online Vulnerability Assessment tool within a Risk Analysis framework following the NIST 800-30 Risk Management guidelines and the integration of predictive solutions able to suggest to the user the risk rating and classification.

show abstract

Section: Risk Managementmentioning

confidence: 99%

A Web Platform for Integrated Vulnerability Assessment and Cyber Risk Management

et al. 2019

View full text Add to dashboard Cite

show abstract

“…However, at the global level, the diversity of norms and criteria established for aspects associated with business schemes, risk policies, risk analysis and their management, make it difficult to assume one as the best, as they differ in their approaches, but above all, due to the lack of a methodological process approach to assume these activities and the difficulty of having software based technological alternatives to assist in this work. In this scenario, research in security risk management has been proposing several approaches: quantitative, qualitative and hybrid, as well as approaches related to implementation of management and analysis tools, often using fuzzy logic algorithms [3][4], computational intelligence [5], game theory [6], among others.…”

Section: Problem Contextualizationmentioning

confidence: 99%

Implementation of cybersecurity risk analysis systems in Colombia

Corredor-Chavarro,

Franco-Mora,

Izquierdo-Dussan

2019

Vis. Electron.

View full text Add to dashboard Cite

Currently, organizations in all productive sectors, but mainly in government, financial services, banking, telecommunications and education, support their activities on information technologies, due to the fact that keeping business continuity is increasingly complex, as the rising threats on technologies and organizational processes, can materialize as security incidents according to the risk level and the opportune actions taken by the organization in this regard. In Colombia, risk management at corporate levels is usually achieved through standards such as NTC-ISO 27005 and NTC_ISO 31000, but worldwide the diversity of standards and criteria established for business schemes, policies, analysis and risks management, hinders the task of adopting them, due to the lack of a methodological process approach and the difficulty of having software technological alternatives to assist in this work. This article presents a review of security risk management in Colombia and the development case of a web-oriented system for risk analysis under these standards.

show abstract

“…Linear programming has been utilized in cyber-attack prevention, yet the capability to devise practical mathematical solutions to gaming problems remains a significant challenge within game theory (Amadi et al, 2017). Additionally, Zarreh et al (2019) tackled cybersecurity challenges in sophisticated manufacturing systems characterized by high-level computer-controlled integration. Their research proposed a method for constructing and addressing a game theory model, albeit with the simplification of employing zero-sum game theory, which may not reflect reality accurately.…”

Section: Introductionmentioning

confidence: 99%

A Framework for Game Theoretic Model for Cyber Treats Prevention

philip,

Olufisoye,

Kazeem

2024

Preprint

View full text Add to dashboard Cite

The dynamic nature of cyber treatspresents formidable challenges in thwarting and managing cyberspace. Conventional security measures often lag-behind swiftly evolving tactics employed by cybercriminals, necessitating a more proactive approach. This paper introduces a framework that advocates for the integration of game theoretic models to introducestrategies for preventing cyber threats. The framework explores how attackers and defenders interact in the cyber using ideas from Non-Cooperative Non-Zero-Sum game theory and linear algebra was used to formulate the model. By comprehensively analyzing and modeling the decision-making processes of both parties, it becomes possible to implement proactive measures that fortify cybersecurity defenses. Two distinct performance metrics—residual energy and success rate—were used to assess the model's effectiveness. The results show that, under realistic assumptions, the model developed obtained an amazing success rate of 99.65%. This implies that a non-cooperative non-zero-sum approach can be put into place to improve the system's defence against cyber threats.

show abstract

Risk Assessment for Cyber Security of Manufacturing Systems: A Game Theory Approach

Cited by 21 publications

References 19 publications

A Web Platform for Integrated Vulnerability Assessment and Cyber Risk Management

A Web Platform for Integrated Vulnerability Assessment and Cyber Risk Management

Implementation of cybersecurity risk analysis systems in Colombia

A Framework for Game Theoretic Model for Cyber Treats Prevention

Contact Info

Product

Resources

About