Classification of Attributes and Behavior in Risk Management Using Bayesian Networks Metadata

Metadata describes a digital item, providing (if known) such information as creator, publisher, contents, size, relationship to other resources, and more. Metadata may also contain "preservation" components that help us to maintain the integrity of digital files over time.

Title

  • Main Title Classification of Attributes and Behavior in Risk Management Using Bayesian Networks

Creator

  • Author: Dantu, Ram
    Creator Type: Personal
    Creator Info: University of North Texas
  • Author: Kolan, Prakash
    Creator Type: Personal
    Creator Info: University of North Texas
  • Author: Loper, Kall
    Creator Type: Personal
    Creator Info: University of North Texas
  • Author: Akl, Robert G.
    Creator Type: Personal
    Creator Info: University of North Texas

Contributor

  • Organizer of meeting: Institute of Electrical and Electronics Engineers
    Contributor Type: Organization

Date

  • Creation: 2007-03

Language

  • English

Description

  • Content Description: This paper discusses issues in security.
  • Physical Description: 4 p.

Subject

  • Keyword: attack graphs
  • Keyword: behaviors
  • Keyword: risk management
  • Keyword: belief networks
  • Keyword: security

Source

  • Conference: Institute of Electrical and Electronics Engineers International Conference on Portable Information Devices, 2007, Orlando, Florida, United States

Collection

  • Name: UNT Scholarly Works
    Code: UNTSW

Institution

  • Name: UNT College of Engineering
    Code: UNTCOE

Rights

  • Rights Access: public

Resource Type

  • Paper

Format

  • Text

Identifier

  • Archival Resource Key: ark:/67531/metadc30836

Degree

  • Academic Department: Computer Science and Engineering

Note

  • Display Note: Abstract: Security administration is an uphill task to implement in an enterprise network providing secured corporate services. With the slew of patches being released by network component vendors, system administrators require a barrage of tools for analyzing the risk due to vulnerabilities in those components. In addition, criticalities in patching some end hosts raises serious security issues about the network to which the end hosts are connected. In this context, it would be imperative to know the risk level of all critical resources keeping in view the everyday emerging new vulnerabilities. The authors hypothesize that sequence of network actions by attackers depends on their social and attack profile (behavioral resources such as skill level, time, and attitude). To estimate the types of attack behavior, the athors surveyed individuals for their ability and attack intent. Using the individuals' responses, the authors determined their behavioral resources and classified them as having opportunist, hacker, or explorer behavior. The profile behavioral resources can be used for determining risk by an attacker having that profile. Thus, suitable vulnerability analysis and risk management strategies can be formulated to efficiently curtail the risk from different types of attackers.