A Threat Computation Model using a Markov Chain and Common Vulnerability Scoring System and its Application to Cloud Security

Le, NT; Hoang, DB

A Threat Computation Model using a Markov Chain and Common Vulnerability Scoring System and its Application to Cloud Security

Le, NT

Hoang, DB

Permalink

Publication Type:: Journal Article
Citation:: Australian Journal of Telecommunications and the Digital Economy, 2019, 7 (1), pp. 37 - 56
Issue Date:: 2019-01-01

Open Access

Copyright Clearance Process

Recently Added
In Progress
Open Access

This item is open access.

Adobe PDF

Download Published VersionAdobe PDF (728.75 kB)

View on publisher's site

View statistics

Full metadata record

Field	Value	Language
dc.contributor.author	Le, NT https://orcid.org/0000-0003-0019-0345	en_US
dc.contributor.author	Hoang, DB https://orcid.org/0000-0003-1798-4926	en_US
dc.date.issued	2019-01-01	en_US
dc.identifier.citation	Australian Journal of Telecommunications and the Digital Economy, 2019, 7 (1), pp. 37 - 56	en_US
dc.identifier.issn	2203-1693	en_US
dc.identifier.uri	http://hdl.handle.net/10453/132982
dc.description.abstract	Copyright © 2019 Securing cyber infrastructures has become critical because they are increasingly exposed to attackers while accommodating a huge number of IoT devices and supporting numerous sophisticated emerging applications. Security metrics are essential for assessing the security risks and making effective decisions concerning system security. Many security metrics rely on mathematical models, but are mainly based on empirical data, qualitative methods, or compliance checking, and this renders the outcome far from satisfactory. Computing the probability of an attack, or more precisely a threat that materialises into an attack, forms an essential basis for a quantitative security metric. This paper proposes a novel approach to compute the probability distribution of cloud security threats based on a Markov chain and Common Vulnerability Scoring System. Moreover, the paper introduces the method to estimate the probability of security attacks. The use of the new security threat model and its computation is demonstrated through their application to estimating the probabilities of cloud threats and types of attacks.	en_US
dc.relation.ispartof	Australian Journal of Telecommunications and the Digital Economy	en_US
dc.relation.isbasedon	10.18080/jtde.v7n1.181	en_US
dc.title	A Threat Computation Model using a Markov Chain and Common Vulnerability Scoring System and its Application to Cloud Security	en_US
dc.type	Journal Article
utslib.citation.volume	1	en_US
utslib.citation.volume	7	en_US
utslib.for	0805 Distributed Computing	en_US
utslib.for	1005 Communications Technologies	en_US
utslib.for	1801 Law	en_US
utslib.for	2001 Communication and Media Studies	en_US
pubs.embargo.period	Not known	en_US
pubs.organisational-group	/University of Technology Sydney
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Electrical and Data Engineering
utslib.copyright.status	open_access
pubs.issue	1	en_US
pubs.publication-status	Published	en_US
pubs.volume	7	en_US

Abstract:

Copyright © 2019 Securing cyber infrastructures has become critical because they are increasingly exposed to attackers while accommodating a huge number of IoT devices and supporting numerous sophisticated emerging applications. Security metrics are essential for assessing the security risks and making effective decisions concerning system security. Many security metrics rely on mathematical models, but are mainly based on empirical data, qualitative methods, or compliance checking, and this renders the outcome far from satisfactory. Computing the probability of an attack, or more precisely a threat that materialises into an attack, forms an essential basis for a quantitative security metric. This paper proposes a novel approach to compute the probability distribution of cloud security threats based on a Markov chain and Common Vulnerability Scoring System. Moreover, the paper introduces the method to estimate the probability of security attacks. The use of the new security threat model and its computation is demonstrated through their application to estimating the probabilities of cloud threats and types of attacks.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/132982