scholarly journals A Framework for Real-Time Intrusion Response in Software Defined Networking Using Precomputed Graphical Security Models

2020 ◽  
Vol 2020 ◽  
pp. 1-15
Author(s):  
Taehoon Eom ◽  
Jin B. Hong ◽  
SeongMo An ◽  
Jong Sou Park ◽  
Dong Seong Kim
Keyword(s):  
Real Time ◽  
Network Flow ◽  
Software Defined Networking ◽  
Cyber Attacks ◽  
Security Assessment ◽  
Security Metrics ◽  
Intrusion Response ◽  
Security Models ◽  
Flow Table ◽  
Attack Trees

Software defined networking (SDN) has been adopted in many application domains as it provides functionalities to dynamically control the network flow more robust and more economical compared to the traditional networks. In order to strengthen the security of the SDN against cyber attacks, many security solutions have been proposed. However, those solutions need to be compared in order to optimize the security of the SDN. To assess and evaluate the security of the SDN systematically, one can use graphical security models (e.g., attack graphs and attack trees). However, it is difficult to provide defense against an attack in real time due to their high computational complexity. In this paper, we propose a real-time intrusion response in SDN using precomputation to estimate the likelihood of future attack paths from an ongoing attack. We also take into account various SDN components to conduct a security assessment, which were not available when addressing only the components of an existing network. Our experimental analysis shows that we are able to estimate possible attack paths of an ongoing attack to mitigate it in real time, as well as showing the security metrics that depend on the flow table, including the SDN component. Hence, the proposed approach can be used to provide effective real-time mitigation solutions for securing SDN.

Metric Based Security Assessment

2008 ◽  
pp. 1396-1415
Author(s):  
James E. Goldman ◽  
Vaughn R. Christie
Keyword(s):  
Information Security ◽  
Assessment Tool ◽  
Maturity Model ◽  
Security Assessment ◽  
Self Assessment ◽  
Security Metrics ◽  
Capability Maturity ◽  
Security Models ◽  
Organization's Information Security ◽  
Systems Security Engineering

This chapter introduces the Metrics Based Security Assessment (MBSA) as a means of measuring an organization’s information security maturity. It argues that the historical (i.e., first through third generations) approaches used to assess/ensure system security are not effective and thereby combines the strengths of two industry proven information security models, the ISO 17799 Standard and the Systems Security Engineering Capability Maturity Model (SSE-CMM), to overcome their inherent weaknesses. Furthermore, the authors trust that the use of information security metrics will enable information security practitioners to measure their information security efforts in a more consistent, reliable, and timely manner. Such a solution will allow a more reliable qualitative measurement of the return achieved through given information security investments. Ultimately, the MBSA will allow professionals an additional, more robust self-assessment tool in answering management questions similar to: “How secure are we?”

Metrics Based Security Assessment

2011 ◽  
pp. 261-288 ◽  
Author(s):  
James E. Goldman ◽  
Vaughn R. Christie
Keyword(s):  
Information Security ◽  
Assessment Tool ◽  
Maturity Model ◽  
Security Assessment ◽  
Self Assessment ◽  
Security Metrics ◽  
Capability Maturity ◽  
Security Models ◽  
Organization's Information Security ◽  
Systems Security Engineering

This chapter introduces the Metrics Based Security Assessment (MBSA) as a means of measuring an organization’s information security maturity. It argues that the historical (i.e., first through third generations) approaches used to assess/ensure system security are not effective and thereby combines the strengths of two industry proven information security models, the ISO 17799 Standard and the Systems Security Engineering Capability Maturity Model (SSE-CMM), to overcome their inherent weaknesses. Furthermore, the authors trust that the use of information security metrics will enable information security practitioners to measure their information security efforts in a more consistent, reliable, and timely manner. Such a solution will allow a more reliable qualitative measurement of the return achieved through given information security investments. Ultimately, the MBSA will allow professionals an additional, more robust self-assessment tool in answering management questions similar to: “How secure are we?”

A Systematic Review and Catalog of Security Metric during the Secure Software Development Life Cycle

2020 ◽  
Vol 13 ◽  
Author(s):  
Sampada G.C ◽  
Tende Ivo Sake ◽  
Amrita
Keyword(s):  
Systematic Review ◽  
Life Cycle ◽  
Software Development ◽  
Software Security ◽  
Security Assessment ◽  
Security Metrics ◽  
Development Life Cycle ◽  
Development Processes ◽  
Secure Software Development ◽  
Software Development Life Cycle

Background: With the advancement in the field of software development, software poses threats and risks to customers’ data and privacy. Most of these threats are persistent because security is mostly considered as a feature or a non-functional requirement, not taken into account during the software development life cycle (SDLC). Introduction: In order to evaluate the security performance of a software system, it is necessary to integrate the security metrics during the SDLC. The appropriate security metrics adopted for each phase of SDLC aids in defining the security goals and objectives of the software as well as quantify the security in the software. Methods: This paper presents systematic review and catalog of security metrics that can be adopted during the distinguishable phases of SDLC, security metrics for vulnerability and risk assessment reported in the literature for secure development of software. The practices of these metrics enable software security experts to improve the security characteristics of the software being developed. The critical analysis of security metrics of each phase and their comparison are also discussed. Results: Security metrics obtained during the development processes help to improve the confidentiality, integrity, and availability of software. Hence, it is imperative to consider security during the development of the software, which can be done with the use of software security metrics. Conclusion: This paper reviews the various security metrics that are meditated in the copious phases during the progression of the SDLC in order to provide researchers and practitioners with substantial knowledge for adaptation and further security assessment.

scholarly journals Design of a dynamic and self-adapting system, supported with artificial intelligence, machine learning and real-time intelligence for predictive cyber risk analytics in extreme environments – cyber risk in the colonisation of Mars

2021 ◽  
Author(s):  
Petar Radanliev ◽  
David De Roure ◽  
Kevin Page ◽  
Max Van Kleek ◽  
Omar Santos ◽  
...  
Keyword(s):  
Artificial Intelligence ◽  
Machine Learning ◽  
Real Time ◽  
Cyber Security ◽  
Extreme Environments ◽  
Learning Technologies ◽  
Cyber Attacks ◽  
Edge Computing ◽  
Mathematical Formulas ◽  
Cyber Risk

AbstractMultiple governmental agencies and private organisations have made commitments for the colonisation of Mars. Such colonisation requires complex systems and infrastructure that could be very costly to repair or replace in cases of cyber-attacks. This paper surveys deep learning algorithms, IoT cyber security and risk models, and established mathematical formulas to identify the best approach for developing a dynamic and self-adapting system for predictive cyber risk analytics supported with Artificial Intelligence and Machine Learning and real-time intelligence in edge computing. The paper presents a new mathematical approach for integrating concepts for cognition engine design, edge computing and Artificial Intelligence and Machine Learning to automate anomaly detection. This engine instigates a step change by applying Artificial Intelligence and Machine Learning embedded at the edge of IoT networks, to deliver safe and functional real-time intelligence for predictive cyber risk analytics. This will enhance capacities for risk analytics and assists in the creation of a comprehensive and systematic understanding of the opportunities and threats that arise when edge computing nodes are deployed, and when Artificial Intelligence and Machine Learning technologies are migrated to the periphery of the internet and into local IoT networks.

Sectional Data Acquisition and Control System for Solar Street Lamps Based on Internet of Things

2013 ◽  
Vol 773 ◽  
pp. 148-153 ◽  
Author(s):  
Juan Zhou ◽  
Bing Yan Chen ◽  
Meng Ni Zhang ◽  
Ying Ying Tang
Keyword(s):  
Control System ◽  
Internet Of Things ◽  
Data Acquisition ◽  
Real Time ◽  
Network Flow ◽  
Short Interval ◽  
Management Problem ◽  
Time Data ◽  
Control Centre ◽  
And Control

Aiming at the management problem of real-time data created while intelligent solar street lamps working, sectional data acquisition and control system based on internet of things is introduced in the paper. Communication protocol with unified form and flexible function is designed in the system, and communication address is composed of sectional address and subsection address. Three-level data structure is built in the polling algorithm to trace real-time state of lamps and to detect malfunction in time, which is suitable for sectional lamps management characteristics. The system reflects necessary statistic data and exception information to remote control centre through GPRS to short interval expend on transmission and procession and save network flow and system energy. The result shows the system brings improved management affection and accords with the idea of energy-saving and environmental protection.

Sign in / Sign up

Export Citation Format

Share Document