A Quantitative Risk Assessment Model Involving Frequency and Threat Degree under Line-of-Business Services for Infrastructure of Emerging Sensor Networks.

Jing, X; Hu, H; Yang, H; Au, MH; Li, S; Xiong, N; Imran, M; Vasilakos, AV

A Quantitative Risk Assessment Model Involving Frequency and Threat Degree under Line-of-Business Services for Infrastructure of Emerging Sensor Networks.

Jing, X Hu, H Yang, H Au, MH Li, S Xiong, N Imran, M Vasilakos, AV

Permalink

Publisher:: MDPI
Publication Type:: Journal Article
Citation:: Sensors (Basel), 2017, 17, (3), pp. 1-28
Issue Date:: 2017-03-21

Closed Access

	Filename	Description	Size
	A Quantitative Risk Assessment Model Involving Frequency and Threat Degree under Line-of-Business Services for Infrastructur.pdf	Published version	3.5 MB	Adobe PDF	View/Open

Copyright Clearance Process

Recently Added
In Progress
Closed Access

This item is closed access and not available.

Full metadata record

Field	Value	Language
dc.contributor.author	Jing, X
dc.contributor.author	Hu, H
dc.contributor.author	Yang, H
dc.contributor.author	Au, MH
dc.contributor.author	Li, S
dc.contributor.author	Xiong, N
dc.contributor.author	Imran, M
dc.contributor.author	Vasilakos, AV
dc.date.accessioned	2022-08-24T03:50:55Z
dc.date.available	2017-03-16
dc.date.available	2022-08-24T03:50:55Z
dc.date.issued	2017-03-21
dc.identifier.citation	Sensors (Basel), 2017, 17, (3), pp. 1-28
dc.identifier.issn	1424-8239
dc.identifier.issn	1424-8220
dc.identifier.uri	http://hdl.handle.net/10453/160769
dc.description.abstract	The prospect of Line-of-Business Services (LoBSs) for infrastructure of Emerging Sensor Networks (ESNs) is exciting. Access control remains a top challenge in this scenario as the service provider's server contains a lot of valuable resources. LoBSs' users are very diverse as they may come from a wide range of locations with vastly different characteristics. Cost of joining could be low and in many cases, intruders are eligible users conducting malicious actions. As a result, user access should be adjusted dynamically. Assessing LoBSs' risk dynamically based on both frequency and threat degree of malicious operations is therefore necessary. In this paper, we proposed a Quantitative Risk Assessment Model (QRAM) involving frequency and threat degree based on value at risk. To quantify the threat degree as an elementary intrusion effort, we amend the influence coefficient of risk indexes in the network security situation assessment model. To quantify threat frequency as intrusion trace effort, we make use of multiple behavior information fusion. Under the influence of intrusion trace, we adapt the historical simulation method of value at risk to dynamically access LoBSs' risk. Simulation based on existing data is used to select appropriate parameters for QRAM. Our simulation results show that the duration influence on elementary intrusion effort is reasonable when the normalized parameter is 1000. Likewise, the time window of intrusion trace and the weight between objective risk and subjective risk can be set to 10 s and 0.5, respectively. While our focus is to develop QRAM for assessing the risk of LoBSs for infrastructure of ESNs dynamically involving frequency and threat degree, we believe it is also appropriate for other scenarios in cloud computing.
dc.format	Electronic
dc.language	eng
dc.publisher	MDPI
dc.relation.ispartof	Sensors (Basel)
dc.relation.isbasedon	10.3390/s17030642
dc.rights	info:eu-repo/semantics/closedAccess
dc.subject	0301 Analytical Chemistry, 0502 Environmental Science and Management, 0602 Ecology, 0805 Distributed Computing, 0906 Electrical and Electronic Engineering
dc.subject.classification	Analytical Chemistry
dc.title	A Quantitative Risk Assessment Model Involving Frequency and Threat Degree under Line-of-Business Services for Infrastructure of Emerging Sensor Networks.
dc.type	Journal Article
utslib.citation.volume	17
utslib.location.activity	Switzerland
utslib.for	0301 Analytical Chemistry
utslib.for	0502 Environmental Science and Management
utslib.for	0602 Ecology
utslib.for	0805 Distributed Computing
utslib.for	0906 Electrical and Electronic Engineering
pubs.organisational-group	/University of Technology Sydney
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Electrical and Data Engineering
utslib.copyright.status	closed_access	*
pubs.consider-herdc	false
dc.date.updated	2022-08-24T03:50:49Z
pubs.issue	3
pubs.publication-status	Published
pubs.volume	17
utslib.citation.issue	3

Abstract:

The prospect of Line-of-Business Services (LoBSs) for infrastructure of Emerging Sensor Networks (ESNs) is exciting. Access control remains a top challenge in this scenario as the service provider's server contains a lot of valuable resources. LoBSs' users are very diverse as they may come from a wide range of locations with vastly different characteristics. Cost of joining could be low and in many cases, intruders are eligible users conducting malicious actions. As a result, user access should be adjusted dynamically. Assessing LoBSs' risk dynamically based on both frequency and threat degree of malicious operations is therefore necessary. In this paper, we proposed a Quantitative Risk Assessment Model (QRAM) involving frequency and threat degree based on value at risk. To quantify the threat degree as an elementary intrusion effort, we amend the influence coefficient of risk indexes in the network security situation assessment model. To quantify threat frequency as intrusion trace effort, we make use of multiple behavior information fusion. Under the influence of intrusion trace, we adapt the historical simulation method of value at risk to dynamically access LoBSs' risk. Simulation based on existing data is used to select appropriate parameters for QRAM. Our simulation results show that the duration influence on elementary intrusion effort is reasonable when the normalized parameter is 1000. Likewise, the time window of intrusion trace and the weight between objective risk and subjective risk can be set to 10 s and 0.5, respectively. While our focus is to develop QRAM for assessing the risk of LoBSs for infrastructure of ESNs dynamically involving frequency and threat degree, we believe it is also appropriate for other scenarios in cloud computing.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/160769