|Awan, Malik S. K., Burnap, Peter, Rana, Omer Farooq and Javed, Amir 2015. Continuous monitoring and assessment of cybersecurity risks in large computing infrastructures. Presented at: 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conferen on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on High Performance Computing and Communications (HPCC, New York City, NY, USA, 24-26 August 2015. High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conferen on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on. IEEE, pp. 1442-1447. 10.1109/HPCC-CSS-ICESS.2015.224|
The dynamic and increasingly stealthy techniques used by cyber criminals to target critical computing infrastructure of an organization requires appropriate response mechanism on the part of the organization. Government agencies and regulatory bodies are imposing the requirements of risk assessments on a continuous basis. One important aspect of continuous risk monitoring is using a suitable risk scoring algorithm, which could help determine a risk score more efficiently. The existing risk scoring mechanism involves subjective and human-based qualitative inputs that are both labour intensive, and result in ambiguous and inconclusive results. We propose a new metric for measuring risk based on objective parameters extracted from real-time traffic logs. The metric has been validated using malicious traffic data pertaining to seven most frequently occurring threats in a network environment. We demonstrate and discuss the suitability of the metric for continuous monitoring of risk bycomparing with a snapshot based risk monitoring mechanism.
|Item Type:||Conference or Workshop Item (Paper)|
|Schools:||Computer Science & Informatics|
|Subjects:||Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Q Science > QA Mathematics > QA76 Computer software
|Last Modified:||04 Mar 2017 06:36|
Actions (repository staff only)