A Bayesian-Network-Based Framework for Risk Analysis and Decision Making in Cybersecurity
Abstract
Many approaches have been proposed to define, measure and manage cybersecurity
risk. A common theme underpinning Cybersecurity Risk Assessment (CRA)
involves modelling relationships between risk factors and the use of statistical and
probabilistic inference to calculate risk. This thesis focuses on the use of Bayesian
Networks (BNs) for this dual purpose. The application of BNs to CRA was a nontrivial
task, but the computational efficiency and flexibility of BN algorithms
have improved such that they can now be widely applied to solve a variety of CRA
problems. One such advance is in Hybrid Bayesian Networks (HBNs) to support
inference in models containing discrete and continuous variables. HBNs are now
routinely used for prediction and diagnostic inference tasks and have been extended,
in the form of Influence Diagrams (IDs), to support decision making tasks.
This thesis proposes an HBN-based CRA framework for comprehensive
cybersecurity causal risk analysis and probabilistic calculation. We introduce causal
risk analysis into cybersecurity problems and use a kill chain model to illustrate
how causal analysis can guide cybersecurity risk modelling. The proposed
framework is flexible and extensible, in that it can incorporate other CRA
models built using BNs. We illustrate this by showing how the framework can
incorporate risk analysis models from both organizational and technical perspectives.
For organizational risk analysis, where the focus is on defending information
assets/systems of organizations in an economically efficient way, the thesis shows
how BNs can be used for modelling causal/probabilistic relationships between
the variables involved and conducting risk assessment. For technical risk analysis,
which is motivated by the perspective of cybersecurity analysts, it argues that IDs can
be used to model the game between the defender and the attacker in a cybersecurity
problem, calculate risks and support designing optimal cyber defenses dynamically.
Authors
Wang, Jiali