A Security Model Based Approach for Dynamic Risk Assessment of Multi-Step Attacks in Computer Networks

Q: How can I download an article?

To download an article from SID, first log in to the site, search for the article title, and click on the 'Download Article' option.

Q: How can I download an ISI article?

To download an ISI article on SID, enter the keyword or article title in the search bar, view the relevant results, click on the desired article, and select the 'Download Article' option.

Q: How can I access the SID database?

To access the SID database, visit SID.ir, create an account, and log in to access scientific resources.

Q: Is downloading articles from SID free?

Some articles on SID are available for free, while others require payment. Details are specified on the article's page.

KERAMATI M.

مرکز اطلاعات علمی Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Journal Paper

Paper Information

Journal: JOURNAL OF ELECTRONIC AND CYBER DEFENCE Year:2021 | Volume:9 | Issue:1 (33) Page(s): 157-173

Download Full-Text

Persian Verion

View:

546

Download:

Cites:

Information Journal Paper

Title

A Security Model Based Approach for Dynamic Risk Assessment of Multi-Step Attacks in Computer Networks

Author(s)

KERAMATI M. | Issue Writer Certificate

Keywords

Risk AssessmentQ1

Multi-Step AttacksQ2

Zero-Day AttacksQ1

Attack GraphQ1

Common Vulnerability Scoring System(CVSS)Q1

Security MetricQ1

Abstract

Multi-facet dependency of human life on computer networks and its widespread vulnerability has made network robustness a necessity. With cost as a limiting factor, network robustness is considered as a great challenge for network administrators. This goal would be achievable by prioritizing the vulnerabilities based on their risk and choosing the most hazardous ones for elimination. Nowadays, CVSS is being used as the most widely used vulnerability scoring system. In CVSS, vulnerability ranking is based on its intrinsic features while temporal features such as the probability of developing exploitation tools, are ignored. So, dynamic risk evaluation is not possible with CVSS and it is incapable of performing effective vulnerability discretion. This is because, only limited number of vulnerabilities are available for prioritization of infinite number of vulnerabilities. In addition, CVSS only ranks single step attacks whilst a wide variety of attacks are Multi-Step Attacks. In this paper, a security system is proposed that is an improvement over CVSS and some other existing vulnerability scoring systems. It performs dynamic risk evaluation of Multi-Step Attacks by considering vulnerabilities' temporal features. As the introduced model is developed based on Security Metrics of the security model, security evaluation of Multi-Step Attacks is now possible by CVSS. Also, the capability of risk evaluation of Zero-Day Attacks is one unique feature of the proposed system which cannot be accomplished by the present vulnerability scoring systems. In CVSS, the impact of exploiting 35. 5% of vulnerabilities on confidentiality, integrity and availability are scored the same. But, in the proposed system, by considering the relative priority of the three mentioned security parameters, vulnerability discrimination of risk score of the mentioned percentage of vulnerabilities may be possible. On the other hand, the continuity of the probability assessment function of the proposed method in comparison to the discrete one in CVSS, improves the score diversity.

Cites

No record.

References

No record.

Cite

APA: Copy

KERAMATI, M.. (2021). A Security Model Based Approach for Dynamic Risk Assessment of Multi-Step Attacks in Computer Networks. JOURNAL OF ELECTRONIC AND CYBER DEFENCE, 9(1 (33) ), 157-173. SID. https://sid.ir/paper/388034/en

Vancouver: Copy

KERAMATI M.. A Security Model Based Approach for Dynamic Risk Assessment of Multi-Step Attacks in Computer Networks. JOURNAL OF ELECTRONIC AND CYBER DEFENCE[Internet]. 2021;9(1 (33) ):157-173. Available from: https://sid.ir/paper/388034/en

IEEE: Copy

M. KERAMATI, “A Security Model Based Approach for Dynamic Risk Assessment of Multi-Step Attacks in Computer Networks,” JOURNAL OF ELECTRONIC AND CYBER DEFENCE, vol. 9, no. 1 (33) , pp. 157–173, 2021, [Online]. Available: https://sid.ir/paper/388034/en

Related Journal Papers

No record.

Related Seminar Papers

No record.

Related Plans

No record.

Recommended Workshops