Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 

An empirical risk management framework for monitoring network security

Awan, Malik, Burnap, Peter ORCID: https://orcid.org/0000-0003-0396-633X and Rana, Omer Farooq ORCID: https://orcid.org/0000-0003-3597-2646 2015. An empirical risk management framework for monitoring network security. Presented at: IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing (CIT/IUCC/DASC/PICOM), Liverpool, UK, 26-28 October 2015. Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing (CIT/IUCC/DASC/PICOM), 2015 IEEE International Conference on. IEEE, pp. 1764-1771. 10.1109/CIT/IUCC/DASC/PICOM.2015.266

Full text not available from this repository.

Abstract

Inherent vulnerabilities in software applications running in a computer network, personal devices being brought into the network on an ad-hoc basis, a growing trend of network users accessing the Web and utilising Cloud services remotely, and increasingly mature and stealthy techniques used by cyber-criminals have left the whole network vulnerable to cyber-attacks. This requires a network administrator to better understand the dynamic threat landscape and its associated risks so that appropriate security controls and policies can be applied as a countermeasure against existing and new cyber-attacks. However, measuring the risk of cyber-attacks and identifying the most recent modus operandi of cyber-criminals on large computer networks can be difficult due to the wide range of services and applications running within the network, the multiple vulnerabilities associated with each application, the severity associated with each vulnerability, and the ever-changing attack vectors of cyber-criminals. In this paper we propose a framework to represent these features, enabling real-time network enumeration and traffic analysis to be carried out, in order to produce quantified measures of risk at specific points in time. We validate the approach using real network data from a University network and show how the data can be used to understand the attack patterns and their trends.

Item Type: Conference or Workshop Item (Paper)
Status: Published
Schools: Computer Science & Informatics
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Publisher: IEEE
ISBN: 9781509001538
Funders: Engineering and Physical Sciences Research Council
Last Modified: 18 Nov 2022 03:42
URI: https://orca.cardiff.ac.uk/id/eprint/87607
