Using Bayesian networks for cyber security analysis

Peng Xie, Jason H. Li, Xinming Ou, Peng Liu, Renato Levy

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

170 Scopus citations

Abstract

Capturing the uncertain aspects in cyber security is important for security analysis in enterprise networks. However, there has been insufficient effort in studying what modeling approaches correctly capture such uncertainty, and how to construct the models to make them useful in practice. In this paper, we present our work on justifying uncertainty modeling for cyber security, and initial evidence indicating that it is a useful approach. Our work is centered around near real-time security analysis such as intrusion response. We need to know what is really happening, the scope and severity level, possible consequences, and potential countermeasures. We report our current efforts on identifying the important types of uncertainty and on using Bayesian networks to capture them for enhanced security analysis. We build an example Bayesian network based on a current security graph model, justify our modeling approach through attack semantics and experimental study, and show that the resulting Bayesian network is not sensitive to parameter perturbation.

Original language: English (US)
Title of host publication: Proceedings of the 2010 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2010
Pages: 211-220
Number of pages: 10
State: Published - 2010
Event: 2010 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2010 - Chicago, IL, United States
Duration: Jun 28 2010 to Jul 1 2010

Publication series

Name: Proceedings of the International Conference on Dependable Systems and Networks

Other

Other: 2010 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2010
Country/Territory: United States
City: Chicago, IL
Period: 6/28/10 to 7/1/10

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications
