
2018 | Original paper | Book chapter

AI- and Metrics-Based Vulnerability-Centric Cyber Security Assessment and Countermeasure Selection

Authors: Igor Kotenko, Elena Doynikova, Andrey Chechulin, Andrey Fedorchenko

Published in: Guide to Vulnerability Analysis for Computer Networks and Systems

Publisher: Springer International Publishing


Abstract

This chapter considers methods and techniques for the analytical processing of cyber security events and information. The suggested approach is based on calculating a set of cyber security metrics suited both to automatic and to human perception and analysis of the cyber situation, and to automated countermeasure response in near real time. To perform security assessments and make countermeasure decisions, artificial intelligence (AI)-based methods and techniques are implemented, including Bayesian, ontological and any-time mechanisms. Different kinds of data are used: data from SIEM systems, data accumulated during security monitoring, and data generated by the world community in external databases of attacks, vulnerabilities and incidents for typical and special-purpose computer systems. To calculate integral metrics, analytical models of the evaluation objects are applied. To specify security objects and the interrelationships among them, an ontological repository is realised; it joins data from various security databases and specifies logical inference techniques for answering security-related queries. The suggested approach is demonstrated using several case studies.


Metadata
Title
AI- and Metrics-Based Vulnerability-Centric Cyber Security Assessment and Countermeasure Selection
Authors
Igor Kotenko
Elena Doynikova
Andrey Chechulin
Andrey Fedorchenko
Copyright year
2018
DOI
https://doi.org/10.1007/978-3-319-92624-7_5