Abstract
The existing network security theory usually believes that “residual risks” are acceptable to a certain degree. However, the reality is that most attackers can enter the network by using the residual risks. Therefore Method of cyber risk assessment. First of all, the algorithm uses the access relationship between the network equipment to build an attack graph structure. Secondly, it uses an Grade protection evaluation score to replace the traditional CVSS score and introduce the indicator of the weight of the indicator to obtain a prior risk probability of each node in the network. Finally, according to real-time attack signs, the Bayesian reasoning algorithm calculates the post-test risk probability of the node to evaluate the risk of network in real time.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Li, J., et al.: Dynamic network security analysis based on bayesian attack graph. Comput. Sci. 49(03), 62–69 (2022)
Yang, X.: Analysis of Network Attack Defense Based on Bayesian Attack Graph and Markov Process. Harbin University of Science and Technology (2021).https://doi.org/10.27063/d.cnki.ghlgu.2021.000028
Hui, W., Juan, Z., Ya, Z., Kun, L., Wenfeng, F.: A new Bayesian model for network risk assessment. Small Microcomput. Syst. 41(09), 1898–1904 (2020)
Yang, Y.: Research on threat assessment method and defense mechanism of multi-step attack scenarios. Beijing Jiaotong University (2019)
Huan, L.: Research on dynamic risk assessment method based on Bayesian network attack graph. Yanshan University (2019).https://doi.org/10.27440/d.cnki.gysdu.2019.000535
Yuyang, Z., Guang, C., Chunsheng, G.: A network attack surface risk assessment method based on Bayesian attack graph. J. Netw. Inf. Secur. 4(06), 11–22 (2018)
Fan, W.: Research on network security risk assessment method based on Bayesian attack graph. Northwestern University (2018)
Shixing, G.: Analysis of probability calculation of cluster tree propagation algorithm in Bayesian network attack graph. Softw. Guide 16(07), 174–178 (2017)
Hao, H., Runguo, Y., Hongqi, Z., Yingjie, Y., Yuling, L.: Network security situation quantification method based on attack prediction. J. Commun. 38(10), 122–134 (2017)
Yan, F., Xiaochuan, Y., Jingzhi, L.: Research on quantitative assessment of network security based on Bayesian attack graph. Comput. App. Res. 30(09), 2763–2766 (2013)
Hao, C., Qin, Y., Zhou, C.: Dynamic risk assessment of industrial control system based on bayesian attack graph. Inf. Technol. 42(10), 62–67+72 (2018). https://doi.org/10.13274/j.cnki.hdzj.2018.10.013
Mehta, V., Bartzis, C., Zhu, H., Clarke, E., Wing, J.: Ranking attack graphs. In: Zamboni, D., Kruegel, C. (eds.) Recent Advances in Intrusion Detection. LNCS, vol. 4219, pp. 127–144. Springer, Heidelberg (2006). https://doi.org/10.1007/11856214_7
Xie, P., Li, J.H., Ou, X., et al.: Using Bayesian networks for cyber security analysis. In: IEEE/IFIP International Conference on Dependable Systems and Networks, Chicago (2010)
Cunningham, W.H.: Optimal attack and reinforcement of a network. J. ACM 32(3), 549–561 (1985)
Ou Xinming, H.J.Z.S.: MulVal project at Kansas State University, 7 Sep 2016. http://people.cs.ksu.edu/~xou/mulval/
Dagum, P., Chavez, R.M.: Approximating Probabilistic Inference in Bayesian Belief Networks. IEEE Trans. Pattern Anal. Mach. Intell. 15(3), 246–255 (1993)
Minka, T.P.: Expectation propagation for approximate Bayesian inference. In: Seventeenth Conference on Uncertainty in Artificial Intelligence (2013)
Larra, A.P., Kuijpers, C.M.H., et al.: Decomposing Bayesian networks: triangulation of the moral graph with genetic algorithms. Statist. Comput. 7(1), 19–34 (1997)
Rose, D.J., Tarjan, R.E.: Algorithmic aspects of vertex elimination on directed graphs. Stanford University (1975)
Kenig, B., Gal, A.: On the impact of junction-tree topology on weighted model counting. In: Beierle, C., Dekhtyar, A. (eds.) Scalable Uncertainty Management. LNCS (LNAI), vol. 9310, pp. 83–98. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-23540-0_6
Venkatraman, S., Yen, G.G.: A generic framework for constrained optimization using genetic algorithms. IEEE Trans. Evol. Comput. 9(4), 424–435 (2005)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Jing, H., Yan, P., Wang, G., Liu, J., Fang, Y. (2023). Network Risk Assessment Method Based on Residual Risk Analysis. In: Tekinerdogan, B., Wang, Y., Zhang, LJ. (eds) Internet of Things – ICIOT 2022. ICIOT 2022. Lecture Notes in Computer Science, vol 13735. Springer, Cham. https://doi.org/10.1007/978-3-031-23582-5_1
Download citation
DOI: https://doi.org/10.1007/978-3-031-23582-5_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-23581-8
Online ISBN: 978-3-031-23582-5
eBook Packages: Computer ScienceComputer Science (R0)