Security threat probability computation using Markov Chain and Common Vulnerability Scoring System

Le, Ngoc T.; Hoang, Doan B.

doi:10.1109/atnac.2018.8615386

Cited by 17 publications

(7 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Adopting this uniform vocabulary will be beneficial for the evaluation of IT vulnerabilities, IT administrators, vulnerability bulletin providers, security companies, application vendors, and researchers [ 29 ]. For instance, a graph theory-based security threat model is presented by [ 30 ]. They used a Markov chain to discover attack vectors through several security threats in a model with three states for this purpose.…”

Section: Preliminariesmentioning

confidence: 99%

Integrated Clinical Environment Security Analysis Using Reinforcement Learning

Ibrahim

Elhafiz

2022

Bioengineering

View full text Add to dashboard Cite

Many communication standards have been proposed recently and more are being developed as a vision for dynamically composable and interoperable medical equipment. However, few have security systems that are sufficiently extensive or flexible to meet current and future safety requirements. This paper aims to analyze the cybersecurity of the Integrated Clinical Environment (ICE) through the investigation of its attack graph and the application of artificial intelligence techniques that can efficiently demonstrate the subsystems’ vulnerabilities. Attack graphs are widely used for assessing network security. On the other hand, they are typically too huge and sophisticated for security administrators to comprehend and evaluate. Therefore, this paper presents a Q-learning-based attack graph analysis approach in which an attack graph that is generated for the Integrated Clinical Environment system resembles the environment, and the agent is assumed to be the attacker. Q-learning can aid in determining the best route that the attacker can take in order to damage the system as much as possible with the least number of actions. Numeric values will be assigned to the attack graph to better determine the most vulnerable part of the system and suggest this analysis to be further utilized for bigger graphs.

show abstract

Section: Preliminariesmentioning

confidence: 99%

Integrated Clinical Environment Security Analysis Using Reinforcement Learning

Ibrahim

Elhafiz

2022

Bioengineering

View full text Add to dashboard Cite

show abstract

“…. By applying the suggested mechanism, we focus on the observable and measurable states and develop three states [27].…”

Section: Ree-state Markov Modelmentioning

confidence: 99%

Security-Level Improvement of IoT-Based Systems Using Biometric Features

Moradi

Moradkhani

Tavakoli

2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

The Internet of Things (IoT) is reported as a main research topic in the current decade. It will be possible to connect smart devices to each other using IoT, a platform such as the Internet. However, the expansion and intrusion of such a large network raises some new security issues and risks related to the disclosure of user confidential information where these devices are subject to hacker threats and intrusions. Traditional security systems were password based. In this paper, after reviewing the actions taken in this regard, the improvement level of biometric security compared with traditional password-based methods will be proven in section three using the Markov model. By considering the results of the evaluation, the probability of occurrence of security problems is decreased by 90.71% by applying biometric features. Then, multi-layer security architecture with biometric features and coding systems is suggested to increase security. In the first layer, the fingerprint recognition algorithm is dependent on the module, and the U.are.U 5100 module provides more security than others. In the second layer, the Hash mechanism of the MD5 algorithm is, on average, 63.21% more efficient. By determining the properties of the first two architectural layers and ultimately for the IoT application layer, empirical methods and hardware platforms for the Internet of things are used. Concerning the simulation results, the suggested mechanism enhances the system security by 120.38% on average, which is 106.23, 110.45, and 144.46% of relative improvement compared with IoT sensors, controller layer mechanisms, and application layer mechanisms, respectively.

show abstract

“…Johnson et al [13] compare the credibility of the CVSS scoring data of different vulnerability sources of NVD, X-Force, OSVDB, CERT-VN, and Cisco. Le and Hoang [16] propose an approach to compute the probability distribution of cloud security threats based on Markov chains and the CVSS.…”

Section: Risk Assessment Approachesmentioning

confidence: 99%

Evaluating the Future Device Security Risk Indicator for Hundreds of IoT Devices

Oser¹,

Engelmann²,

Lüders³

et al. 2022

Preprint

View full text Add to dashboard Cite

IoT devices are present in many, especially corporate and sensitive, networks and regularly introduce security risks due to slow vendor responses to vulnerabilities and high difficulty of patching. In this paper, we want to evaluate to what extent the development of future risk of IoT devices due to new and unpatched vulnerabilities can be predicted based on historic information. For this analysis, we build on existing prediction algorithms available in the SAFER framework (prophet and ARIMA) which we evaluate by means of a large data-set of vulnerabilities and patches from 793 IoT devices. Our analysis shows that the SAFER framework can predict a correct future risk for 91 % of the devices, demonstrating its applicability. We conclude that this approach is a reliable means for network operators to efficiently detect and act on risks emanating from IoT devices in their networks.

show abstract

Security threat probability computation using Markov Chain and Common Vulnerability Scoring System

Cited by 17 publications

References 18 publications

Integrated Clinical Environment Security Analysis Using Reinforcement Learning

Integrated Clinical Environment Security Analysis Using Reinforcement Learning

Security-Level Improvement of IoT-Based Systems Using Biometric Features

Evaluating the Future Device Security Risk Indicator for Hundreds of IoT Devices

Contact Info

Product

Resources

About