Search results

1 – 10 of over 36000
Article
Publication date: 16 August 2023

Jialiang Xie, Shanli Zhang, Honghui Wang and Mingzhi Chen

Abstract

Purpose

With the rapid development of Internet technology, cybersecurity threats such as security loopholes, data leaks, network fraud, and ransomware have become increasingly prominent, and organized and purposeful cyberattacks have increased, posing more challenges to cybersecurity protection. Therefore, reliable network risk assessment methods and effective network security protection schemes are urgently needed.

Design/methodology/approach

Based on the dynamic behavior patterns of attackers and defenders, a Bayesian network attack graph is constructed, and a multitarget risk dynamic assessment model is proposed based on network availability, network utilization impact and vulnerability attack possibility. Then, the self-organizing multiobjective evolutionary algorithm based on grey wolf optimization is proposed. And the authors use this algorithm to solve the multiobjective risk assessment model, and a variety of different attack strategies are obtained.

Findings

The experimental results demonstrate that the method yields 29 distinct attack strategies, and then attacker's preferences can be obtained according to these attack strategies. Furthermore, the method efficiently addresses the security assessment problem involving multiple decision variables, thereby providing constructive guidance for the construction of security network, security reinforcement and active defense.

Originality/value

A method for network risk assessment methods is given. And this study proposed a multiobjective risk dynamic assessment model based on network availability, network utilization impact and the possibility of vulnerability attacks. The example demonstrates the effectiveness of the method in addressing network security risks.

Details

International Journal of Intelligent Computing and Cybernetics, vol. 17 no. 1
Type: Research Article
ISSN: 1756-378X

Article
Publication date: 6 June 2008

H. Mouratidis, H. Jahankhani and M.Z. Nkhoma

Abstract

Purpose

The purpose of this study is to explore the rationale that governs implementation of information systems and network security expenditures through a case study approach.

Design/methodology/approach

The research method took the form of a mixed‐method assessment of the perceptions of persons of authority in the management and the network security areas of an organization that has implemented network security protocols. Two stages of the research process were completed in order to gather the necessary data for the study. The first stage of the study was the administration of a Likert‐type questionnaire in which respondents answered 30 unique items on network security. In the second phase of the study, a number of responders were contacted to further expand upon the themes presented in the Likert‐type questionnaire.

Findings

Empirical evidence gathered justifies theoretical claims that personnel from general management have different perspectives towards network security than personnel from the network security management. In particular, the study indicates that such differences are demonstrated on a number of areas such as the effectiveness and the efficiency of the networked system; control of network security; security‐related decision‐making processes; and users of the network. The latter being the most controversial issue with one side indicating that users should be allowed to use the network in an efficient manner, and the other side emphasizing that users pose one of the greatest security risks to the system.

Research limitations/implications

The limitations of the study are found in its focus on a specific company and on its perception‐centred nature of risk and risk analysis. No two persons identify and frame risk in an identical manner. This creates potential conflict of interest when the participants within a risk assessment process approach the issues and present their arguments as to how to best identify and respond to risks.

Practical implications

Through comparing and contrasting the perspectives of the two sample populations, the research assists in demonstrating how, why, and to what extent specific problems are recognized by those within management and those within network security. This allowed the analysis of how these problems are defined and what steps can be taken that would help to reduce or eliminate its impact in the organization used in our case study.

Originality/value

It has been argued in the literature that there is lack of empirically based research to explore and effectively analyze the perceptions held by management and by security specialists within organizations with respect to security. This paper presents the results of the application of a novel two‐stage framework on an empirical case study focused on a large national bank. The work allowed the identification of the various perceptions held by management and by security specialists, and the degree to which these perceptions are similar.

Details

Information Management & Computer Security, vol. 16 no. 2
Type: Research Article
ISSN: 0968-5227

Article
Publication date: 13 July 2015

Muhammad Adnan, Mike Just, Lynne Baillie and Hilmi Gunes Kayacik

Abstract

Purpose

The purpose of this paper is to investigate the work practices of network security professionals and to propose a new and robust work practices model of these professionals.

Design/methodology/approach

The proposed work practices model is composed by combining the findings of ten notable empirical studies performed so far this century. The proposed model was then validated by an online survey of 125 network security professionals with a wide demographic spread.

Findings

The empirical data collected from the survey of network security professionals strongly validate the proposed work practices model. The results also highlight interesting trends for different groups of network security professionals, with respect to performing different security-related activities.

Research limitations/implications

Further studies could investigate more closely the links and dependencies between the different activities of the proposed work practices model and tools used by network security professionals to perform these activities.

Practical implications

A robust work practices model of network security professionals could hugely assist tool developers in designing usable tools for network security management.

Originality/value

This paper proposes a new work practices model of network security professionals, which is built by consolidating existing empirical evidence and validated by conducting a survey of network security professionals. The findings enhance the understanding of tool developers about the day-to-day activities of network security professionals, consequently assisting developers in designing better tools for network security management.

Details

Information & Computer Security, vol. 23 no. 3
Type: Research Article
ISSN: 2056-4961

Article
Publication date: 11 October 2011

Hannes Holm, Teodor Sommestad, Jonas Almroth and Mats Persson

Abstract

Purpose

The purpose of this paper is to evaluate if automated vulnerability scanning accurately identifies vulnerabilities in computer networks and if this accuracy is contingent on the platforms used.

Design/methodology/approach

Both qualitative comparisons of functionality and quantitative comparisons of false positives and false negatives are made for seven different scanners. The quantitative assessment includes data from both authenticated and unauthenticated scans. Experiments were conducted on a computer network of 28 hosts with various operating systems, services and vulnerabilities. This network was set up by a team of security researchers and professionals.

Findings

The data collected in this study show that authenticated vulnerability scanning is usable. However, automated scanning is not able to accurately identify all vulnerabilities present in computer networks. Also, scans of hosts running Windows are more accurate than scans of hosts running Linux.

Research limitations/implications

This paper focuses on the direct output of automated scans with respect to the vulnerabilities they identify. Areas such as how to interpret the results assessed by each scanner (e.g. regarding remediation guidelines) or aggregating information about individual vulnerabilities into risk measures are out of scope.

Practical implications

This paper describes how well automated vulnerability scanners perform when it comes to identifying security issues in a network. The findings suggest that a vulnerability scanner is a useable tool to have in your security toolbox given that user credentials are available for the hosts in your network. Manual effort is however needed to complement automated scanning in order to get satisfactory accuracy regarding network security problems.

Originality/value

Previous studies have focused on the qualitative aspects on vulnerability assessment. This study presents a quantitative evaluation of seven of the most popular vulnerability scanners available on the market.

Details

Information Management & Computer Security, vol. 19 no. 4
Type: Research Article
ISSN: 0968-5227

Article
Publication date: 3 September 2024

Ziwang Xiao, Fengxian Zhu, Lifeng Wang, Rongkun Liu and Fei Yu

Abstract

Purpose

As an important load-bearing component of cable-stayed bridge, the cable-stayed cable is an important load-bearing link for the bridge superstructure and the load transferred directly to the bridge tower. In order to better manage the risk of the cable system in the construction process, the purpose of this paper is to study a new method of dynamic risk analysis of the cable system of the suspended multi-tower cable-stayed bridge based on the Bayesian network.

Design/methodology/approach

First of all, this paper focuses on the whole process of the construction of the cable system, analyzes the construction characteristics of each process, identifies the safety risk factors in the construction process of the cable system, and determines the causal relationship between the risk factors. Secondly, the prior probability distribution of risk factors is determined by the expert investigation method, and the risk matrix method is used to evaluate the safety risk of cable failure quantitatively. The function expression of risk matrix is established by combining the probability of risk event occurrence and loss level. After that, the topology structure of Bayesian network is established, risk factors and probability parameters are incorporated into the network and then the Bayesian principle is applied to update the posterior probability of risk events according to the new information in the construction process. Finally, the construction reliability evaluation of PAIRA bridge main bridge cable system in Bangladesh is taken as an example to verify the effectiveness and accuracy of the new method.

Findings

The feasibility of using Bayesian network to dynamically assess the safety risk of PAIRA bridge in Bangladesh is verified by the construction reliability evaluation of the main bridge cable system. The research results show that the probability of the accident resulting from the insufficient safety of the cable components of the main bridge of PAIRA bridge is 0.02, which belongs to a very small range. According to the analysis of the risk grade matrix, the risk grade is Ⅱ, which belongs to the acceptable risk range. In addition, according to the reverse reasoning of the Bayesian model, when the serious failure of the cable system is certain to occur, the node with the greatest impact is B3 (cable break) and its probability of occurrence is 82%, that is, cable break is an important reason for the serious failure of the cable system. The factor that has the greatest influence on B3 node is C6 (cable quality), and its probability is 34%, that is, cable quality is not satisfied is the main reason for cable fracture. In the same way, it can be obtained that the D9 (steel wire fracture inside the cable) event of the next level is the biggest incentive of C6 event, its occurrence probability is 32% and E7 (steel strand strength is not up to standard) event is the biggest incentive of D9 event, its occurrence probability is 13%. At the same time, the sensitivity analysis also confirmed that B3, C6, D9 and E7 risk factors were the main causes of risk occurrence.

Originality/value

This paper proposes a Bayesian network-based construction reliability assessment method for cable-stayed bridge cable system. The core purpose of this method is to achieve comprehensive and accurate management and control of the risks in the construction process of the cable system, so as to improve the service life of the cable while strengthening the overall reliability of the structure. Compared with the existing evaluation methods, the proposed method has higher reliability and accuracy. This method can effectively assess the risk of the cable system in the construction process, and is innovative in the field of risk assessment of the cable system of cable-stayed bridge construction, enriching the scientific research achievements in this field, and providing strong support for the construction risk control of the cable system of cable-stayed bridge.

Details

International Journal of Structural Integrity, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 1757-9864

Article
Publication date: 9 November 2015

Teodor Sommestad and Fredrik Sandström

Abstract

Purpose

The purpose of this paper is to test the practical utility of attack graph analysis. Attack graphs have been proposed as a viable solution to many problems in computer network security management. After individual vulnerabilities are identified with a vulnerability scanner, an attack graph can relate the individual vulnerabilities to the possibility of an attack and subsequently analyze and predict which privileges attackers could obtain through multi-step attacks (in which multiple vulnerabilities are exploited in sequence).

Design/methodology/approach

The attack graph tool, MulVAL, was fed information from the vulnerability scanner Nexpose and network topology information from 8 fictitious organizations containing 199 machines. Two teams of attackers attempted to infiltrate these networks over the course of two days and reported which machines they compromised and which attack paths they attempted to use. Their reports are compared to the predictions of the attack graph analysis.

Findings

The prediction accuracy of the attack graph analysis was poor. Attackers were more than three times as likely to compromise a host predicted as impossible to compromise compared to a host that was predicted as possible to compromise. Furthermore, 29 per cent of the hosts predicted as impossible to compromise were compromised during the two days. The inaccuracy of the vulnerability scanner and MulVAL’s interpretation of vulnerability information are primary reasons for the poor prediction accuracy.

Originality/value

Although considerable research contributions have been made to the development of attack graphs, and several analysis methods have been proposed using attack graphs, the extant literature does not describe any tests of their accuracy under realistic conditions.

Details

Information & Computer Security, vol. 23 no. 5
Type: Research Article
ISSN: 2056-4961

Article
Publication date: 27 January 2012

KwangSup Shin, YongWoo Shin, Ji‐Hye Kwon and Suk‐Ho Kang

Abstract

Purpose

The purpose of this paper is to propose a novel risk assessment approach that considers the inter‐relationship between supply chain risks and the structure of network at the same time. To reduce the impact of the supply chain risk and enhance the flexibility of transportation route finding during the product delivery, the authors propose a way to model the risk propagation and how to integrate it with the supply chain network using Bayesian Belief Network (BBN). The key risk indicators (KRI) of each vertex and edge of the supply chain network which are measured or computed by the proposed approach can be utilized to develop the optimal transportation route in the execution phase.

Design/methodology/approach

BBN is utilized to illustrate the relations among supply chain risks which may take place in a certain vertex. To apply the BBN to the supply chain network, the authors develop the framework to integrate BBN and the supply chain network by using the general functions that describe the characteristics of the risk factors and inter‐relationships between vertices.

Findings

By using the proposed risk assessment and dynamic route‐finding approach, it is possible to reduce the unexpected cost from the supply chain risk and overcome the limitations of previous risk management strategies which focus on developing counter plans and assume the independency of supply chain risks.

Practical implications

The proposed approach describes how to develop KRI‐BBN to model the risk propagation and to integrate the KRI‐BBN and supply chain network. The KRIs directly measured or computed by KRI‐BBN in real time can be utilized to alternate supply chain execution plans such as inventory management, demand management and product flow management. Transportation problem considering risk is developed to show how to apply the proposed approach and numerical experiments are conducted to prove the cost effectiveness.

Originality/value

The contribution of this paper lies in the way of developing KRI‐BBN to assess the supply chain risk and modelling of the risk propagation by integrating KRI‐BBN with supply chain network. With the proposed risk assessment approach, it is able to alternate the transportation route to minimize the unexpected cost and transportation cost simultaneously.

Details

Industrial Management & Data Systems, vol. 112 no. 1
Type: Research Article
ISSN: 0263-5577

Article
Publication date: 8 June 2020

Anass Rabii, Saliha Assoul, Khadija Ouazzani Touhami and Ounsa Roudies

Abstract

Purpose

This paper aims to clarify the uncertainty reflected in the current state of information security maturity evaluation where it has not enough matured and converged so that a generic approach or many specific approaches become the go-to choice. In fact, in the past decade, many security maturity models are still being produced and remain unproven regardless of the existence of ISO 21827.

Design/methodology/approach

The authors have used the systematic literature review to summarize existing research, help identify gaps in the existing literature and provide background for positioning new research studies.

Findings

The authors highlighted the prevalent influence of the ISO/IEC 27001/27002 standard but raised the necessity for an in-depth investigation of ISO 21827. The authors also made the implementation facet a central topic of our review. The authors found out that, compared to the number of proposed models, implementation experiments are lacking. This could be due to the arduous task of validation and it could also be the reason why specific models are dominant.

Originality/value

While the research literature contains many experience reports and a few case studies on information security maturity evaluation, a systematic review and synthesis of this growing field of research is unavailable as far as the authors know. In fact, the authors only picked-up one bodywork [Maturity models in cyber security A systematic review (2017)] carrying out a literature review on security maturity models between 2012 and 2017, written in Spanish.

Details

Information & Computer Security, vol. 28 no. 4
Type: Research Article
ISSN: 2056-4961

Article
Publication date: 1 August 2006

Michael Pilgermann, Andrew Blyth and Stilianos Vidalis

Abstract

Purpose

This paper introduces a solution for employing intrusion detection technology across organisational boundaries by using knowledge grid technology.

Design/methodology/approach

Employment of intrusion detection technology is currently limited to inside organisation deployments. By setting up communities, which maintain trust relationships between network nodes anywhere in the internet, security event data, structured into a common XML‐based format, can be exchanged in a secure and reliable manner.

Findings

A modular architecture has been developed which provides functionality to integrate different audit data generating applications and share knowledge about incidents, vulnerabilities and countermeasures from all over the internet. A security policy, based on the Chinese Wall Security Policy, ensures the protection of information inserted into the network.

Research limitations/implications

The solution is currently in a preliminary stage, providing the description of the design only. Implementation as well as evaluation is under development.

Practical implications

Trusting communities everywhere in the internet will be brought into being so that people may establish trust relationships between each other. Participants may decide themselves whom they trust as a source for security‐related information rather than depending on centralised approaches.

Originality/value

No approach is known combining the two technologies – intrusion detection and grid – as described in this paper. The decentralised, peer‐to‐peer based grid approach together with the introduction of trust relationships and communities results in a new way of thinking about distributing security audit data.

Details

Information Management & Computer Security, vol. 14 no. 4
Type: Research Article
ISSN: 0968-5227

Article
Publication date: 26 January 2024

Merly Thomas and Meshram B.B.

Abstract

Purpose

Denial-of-service (DoS) attacks develop unauthorized entry to various network services and user information by building traffic that creates multiple requests simultaneously making the system unavailable to users. Protection of internet services requires effective DoS attack detection to keep an eye on traffic passing across protected networks, freeing the protected internet servers from surveillance threats and ensuring they can focus on offering high-quality services with the fewest response times possible.

Design/methodology/approach

This paper aims to develop a hybrid optimization-based deep learning model to precisely detect DoS attacks.

Findings

The designed Aquila deer hunting optimization-enabled deep belief network technique achieved improved performance with an accuracy of 92.8%, a true positive rate of 92.8% and a true negative rate of 93.6.

Originality/value

The introduced detection approach effectively detects DoS attacks available on the internet.

Details

International Journal of Web Information Systems, vol. 20 no. 1
Type: Research Article
ISSN: 1744-0084
