Threat analysis model of an agent-based vulnerability mitigation mechanism using Bayesian Belief Networks

Author

Al-Salloum, Ziyad S. ; Wolthusen, Stephen D.

Author_Institution

Inf. Security Group, Univ. of London, Egham, UK

fYear

2011

fDate

22-24 June 2011

Firstpage

144

Lastpage

151

Abstract

In this paper we propose a threat analysis model based on Bayesian Belief Networks to analyze and quantify threats towards an Agent-Based Host Enumeration and Vulnerability Scanning Mechanism. Based on several threat scenarios, the model also determines the risks posed towards the mechanism´s duty of assessment within the enterprise network. The model construct threats scenarios based on sequenced structure and also forms a multi-scenario threat BBN, where malicious behaviors are interdependent and threat performance aspects are adjusted using network and mechanism specific parameters. Based on predetermined event probabilities within these interdependent structures, threat scenarios likelihoods and risks are driven.

Keywords

belief networks; multi-agent systems; security of data; Bayesian belief network; agent based host enumeration; agent based vulnerability mitigation mechanism; malicious behavior; multiscenario threat BBN; threat analysis model; vulnerability scanning mechanism; Bayesian methods; Bridges; Computer aided manufacturing; Local area networks; Plugs; Switches; Bayesian Belief Networks; Probabilistic computation; Threat Modeling;

fLanguage

English

Publisher

ieee

Conference_Titel

Network Science Workshop (NSW), 2011 IEEE

Conference_Location

West Point, NY

Print_ISBN

978-1-4577-1049-0

Type

conf

DOI

10.1109/NSW.2011.6004638

Filename

6004638