To read this content please select one of the options below:

Multiobjective network security dynamic assessment method based on Bayesian network attack graph

Jialiang Xie (College of Science, Jimei University, Xiamen, China)
Shanli Zhang (College of Science, Jimei University, Xiamen, China)
Honghui Wang (College of Science, Jimei University, Xiamen, China)
Mingzhi Chen (Beika Technology Limited Company, Xiamen, China)

International Journal of Intelligent Computing and Cybernetics

ISSN: 1756-378X

Article publication date: 16 August 2023

Issue publication date: 29 February 2024

166

Abstract

Purpose

With the rapid development of Internet technology, cybersecurity threats such as security loopholes, data leaks, network fraud, and ransomware have become increasingly prominent, and organized and purposeful cyberattacks have increased, posing more challenges to cybersecurity protection. Therefore, reliable network risk assessment methods and effective network security protection schemes are urgently needed.

Design/methodology/approach

Based on the dynamic behavior patterns of attackers and defenders, a Bayesian network attack graph is constructed, and a multitarget risk dynamic assessment model is proposed based on network availability, network utilization impact and vulnerability attack possibility. Then, the self-organizing multiobjective evolutionary algorithm based on grey wolf optimization is proposed. And the authors use this algorithm to solve the multiobjective risk assessment model, and a variety of different attack strategies are obtained.

Findings

The experimental results demonstrate that the method yields 29 distinct attack strategies, and then attacker's preferences can be obtained according to these attack strategies. Furthermore, the method efficiently addresses the security assessment problem involving multiple decision variables, thereby providing constructive guidance for the construction of security network, security reinforcement and active defense.

Originality/value

A method for network risk assessment methods is given. And this study proposed a multiobjective risk dynamic assessment model based on network availability, network utilization impact and the possibility of vulnerability attacks. The example demonstrates the effectiveness of the method in addressing network security risks.

Keywords

Acknowledgements

This work was supported in part by the National Natural Science Foundation of China (Nos. 12271211,12071179), the National Natural Science Foundation of Fujian Province (Nos. 2021J01861), the Project of Education Department of Fujian Province (No. JT180263), the Youth Innovation Fund of Xiamen City (3502Z20206020), the Open Fund of Digital Fujian Big Data Modeling and Intelligent Computing Institute, Pre-Research Fund of Jimei University.

Citation

Xie, J., Zhang, S., Wang, H. and Chen, M. (2024), "Multiobjective network security dynamic assessment method based on Bayesian network attack graph", International Journal of Intelligent Computing and Cybernetics, Vol. 17 No. 1, pp. 38-60. https://doi.org/10.1108/IJICC-05-2023-0121

Publisher

:

Emerald Publishing Limited

Copyright © 2023, Emerald Publishing Limited

Related articles