2017 | OriginalPaper | Chapter

Bayesian Network Models in Cyber Security: A Systematic Review

Authors: Sabarathinam Chockalingam, Wolter Pieters, André Teixeira, Pieter van Gelder

Published in: Secure IT Systems

Publisher: Springer International Publishing

Abstract

Bayesian Networks (BNs) are an increasingly popular modelling technique in cyber security especially due to their capability to overcome data limitations. This is also exemplified by the growth of BN models development in cyber security. However, a comprehensive comparison and analysis of these models is missing. In this paper, we conduct a systematic review of the scientific literature and identify 17 standard BN models in cyber security. We analyse these models based on 8 different criteria and identify important patterns in the use of these models. A key outcome is that standard BNs are noticeably used for problems especially associated with malicious insiders. This study points out the core range of problems that were tackled using standard BN models in cyber security, and illuminates key research gaps.

Metadata

Title: Bayesian Network Models in Cyber Security: A Systematic Review
Authors: Sabarathinam Chockalingam, Wolter Pieters, André Teixeira, Pieter van Gelder
Copyright Year: 2017
DOI: https://doi.org/10.1007/978-3-319-70290-2_7