Title :
Bottom-up hierarchical real-time risk assessment for information system
Author :
Wan Li ; Shengfeng Tian
Author_Institution :
Inf. Eng. Dept., Beijing Inf. Technol. Coll., Beijing, China
Abstract :
In this paper a bottom-up hierarchical real-time risk assessment approach based on risk propagation is presented. The approach calculates risks of services, hosts and network caused by attack processes in real-time. Risk index and risk status are used to quantify the risk situation. These two concepts are involved with three aspects of attacks: severity, certainty and successful possibility, and with the importance of the assets. Algorithms to calculate the risk index and risk status are proposed, and implementation is briefly introduced. Risk status decay is also proposed, which is important to adaptive response.
Keywords :
information systems; risk analysis; security of data; attack certainty; attack processes; attack severity; bottom-up hierarchical real-time risk assessment approach; host risks; information system; network risks; risk index; risk propagation; risk situation quantification; risk status decay; service risks; successful attack possibility; Correlation; Indexes; Intrusion detection; Real-time systems; Risk management;
Conference_Titel :
Information Science and Technology (ICIST), 2013 International Conference on
Conference_Location :
Yangzhou
Print_ISBN :
978-1-4673-5137-9
DOI :
10.1109/ICIST.2013.6747693
