nach oben

Erschienen in:

2018 | OriginalPaper | Buchkapitel

Dynamic-Enabled Defense Strategy Base on Improved CVSS for the Home Internet

verfasst von : Chunru Zhou, Min Lei, Kunchang Li, Li Xu, Wei Bi

Erschienen in: Cloud Computing and Security

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Nowadays, home Internet has attracted a lot of interest. Dynamic-enabled Defense Strategy can reduce the possibility of being hacked to become the mining systems for blockchain. In order to reflect the status of the smart home system more accurately, this paper proposed a method to improve the common vulnerability scoring system (CVSS) and make CVSS more suitable for the smart home system. The proposed method can obtain vulnerabilities scores, reflecting the security status of the system accurately and providing strong support for system security defense and reinforcement. For dynamically-enabled defense with constantly changing state, it is hard for the attacker to obtain all the information in a short time, since it requires too many resources when the changing frequency is too high. Whereas the attacker has enough time to analyze the system with low changing frequency. Combining with the improved vulnerability scoring system, we propose a dynamic-enable defense strategy based on Markov chain and stochastic Petri net to calculate the attack detection probability and the vulnerability value of the system, and obtain the best dynamic switching interval to ensure the security of the system.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel DoS Attacks Intrusion Detection Algorithm Based on Support Vector Machine

Nächstes Kapitel Energy Efficient Smart Irrigation System Based on 6LoWPAN

Frustaci, M., et al.: Evaluating critical security issues of the IoT world: present and Future challenges. IEEE Internet Things J. Volume PP Issue 99, 1 (2017)

Keramati, M.: New Vulnerability Scoring System for dynamic security evaluation. In: 8th International Symposium on Telecommunications (IST), 27–28 September 2016, pp. 746–751 (2016)

Aksu, U., et al.: A quantitative CVSS-based cyber security risk assessment methodology for IT systems. In: 2017 International Carnahan Conference on Security Technology (ICCST), 23–26 October 2017, pp. 1–8. IEEE (2017)

Maghrabi, L., et al.: Improved software vulnerability patching techniques using CVSS and game theory. In: 2017 International Conference on Cyber Security And Protection Of Digital Services (Cyber Security), 19–20 June 2017, pp. 1–6 (2017)

Doynikova, E., Kotenko, I.: CVSS-based probabilistic risk assessment for cyber situational awareness and countermeasure selection. In: 2017 25th Euromicro International Conference on Parallel, Distributed and Network-based Processing (PDP), 6–8 March 2017, pp. 345–353 (2017)

Kiwia, D., Dehghantanha, A., Choo, K.-K.R., Slaughter, J.: A cyber kill chain based taxonomy of banking Trojans for evolutionary computational intelligence. J. Comput. Sci. (2017)

Mohsin, M., Anwar, Z.: Where to kill the cyber kill-chain: an ontology-driven framework for IoT security analytics. In: 2016 International Conference on Frontiers of Information Technology (FIT), 19–21 December 2016, pp. 23–28 (2016)

Liu, Y., et al.: A colored generalized stochastic Petri net simulation model for service reliability evaluation of active-active cloud data center based on IT infrastructure. In: 2017 IEEE Military Communications Conference (MILCOM), 20–22 December 2017, pp. 51–56 (2017)

Jammal, M., et al.: Evaluating high availability-aware deployments using stochastic petri net model and cloud scoring selection tool. IEEE Trans. Serv. Comput. 2017(99), 1 (2017)

10.

Utomo, S.B., Hendradjaya, B.: Usability testing and evaluation of smart culinary system based on cyber-physical-social system. In: 2017 International Conference on Information Technology Systems and Innovation (ICITSI), 23–24 October 2017, pp. 219–222 (2017)

11.

Lin, Y., Quan, Y.: Dynamially-enabled cyberspace defense. In: The People’s Posts and Telecommunications Press, 1st ed., pp. 214–215. Posts & Telecom Press, Beijing (2016)

12.

Liu, Y., Hu, S., Ho, T.-Y.: Vulnerability assessment and defense technology for smart home cybersecurity considering pricing cyberattacks. In: Computer-Aided Design (ICCAD), 08 January 2015, pp. 183–190. IEEE (2015)

13.

Antunes, N., Vieira, M.: Defending against web application vulnerabilities. Computer 45(2), 66–72 (2011)CrossRef

14.

Salamat, B., Jackson, T., Wagner, G., et al.: Runtime defense against code injection attacks using replicated execution. IEEE Trans. Dependable Secure Comput. 8(4), 588–601 (2011)CrossRef

15.

Qixu, L., Yubin, Z., Yuqing, Z., et al.: Research on key technologies of security vulnerability classification. J. Commun. 2012(s1), 79–87 (2012)

16.

Srivatsa, M., Liu, L.: Vulnerabilities and security threats in structured overlay networks: a quantitative analysis. In: 2004 20th Annual Computer Security Applications Conference, 17 January 2005, pp. 252–261. IEEE (2005)

17.

Li, X., Chang, X., Board, J.A., et al.: A novel approach for software vulnerability classification. In: 2017 Annual Reliability and Maintainability Symposium (RAMS), 30 March 2017, pp. 1–7. IEEE (2017)

18.

Shuyuan, J., Yong, W., Xiang, C., et al.: A review of classification method for network vulnerability. In: 2009 IEEE International Conference on System, Man and Cybernetics (SMC), 04 December 2009, pp. 1171–1175. IEEE (2009)

19.

Choudhury, T., et al.: Privacy and security of cloud-based internet of things (IoT). In: 2017 3rd International Conference on Computational Intelligence and Networks (CINE), 28 October 2017, pp. 40–45 (2017)

20.

Khan, N., et al.: Performance analysis of security algorithms for IoT devices. In: 2017 IEEE Region 10 Humanitarian Technology Conference (R10-HTC), 21–23 December 2017, pp. 130–133 (2017)

21.

Waz, I.R., et al.: Internet of things (IoT) security platforms. In: 2017 12th International Conference on Computer Engineering and Systems (ICCES), 19–20 December 2017, pp. 500–507 (2017)

Titel: Dynamic-Enabled Defense Strategy Base on Improved CVSS for the Home Internet
verfasst von: Chunru Zhou
Min Lei
Kunchang Li
Li Xu
Wei Bi
Verlag: Springer International Publishing
Buch: Cloud Computing and Security
Print ISBN: 978-3-030-00017-2

Electronic ISBN: 978-3-030-00018-9

Copyright-Jahr: 2018
DOI: https://doi.org/10.1007/978-3-030-00018-9_27

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"