Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Bayer, Arda, Maluf, David, Aazhang, Behnaam
Format: Preprint
Veröffentlicht: 2025
Schlagworte:
Online-Zugang:https://arxiv.org/abs/2501.16487
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
_version_ 1866916586410999808
author Bayer, Arda
Maluf, David
Aazhang, Behnaam
author_facet Bayer, Arda
Maluf, David
Aazhang, Behnaam
contents Cyber networks are fundamental to many organization's infrastructure, and the size of cyber networks is increasing rapidly. Risk measurement of the entities/endpoints that make up the network via available knowledge about possible threats has been the primary tool in cyber network security. However, the dynamic behavior of the entities and the sparsity of risk-measurable points are limiting factors for risk measurement strategies, which results in poor network visibility considering the volatility of cyber networks. This work proposes a new probabilistic risk estimation approach to network security, NRE, which operates on top of existing risk measurements. The proposed method NRE extracts relationships among system components from the network connection data, models risk propagation based on the learned relationships and refines the estimates whenever risk measurements are provided. In this work, (i) the risk estimation scheme is proposed, (ii) an application of quantitative risk estimates is devised, (iii) descriptiveness of the risk estimates are compared to a pure risk measurement alternative and (iv) low computational complexity of the proposed method is illustrated capable of real-time deployment. The proposed method, NRE, is ultimately a quantitative data-driven risk assessment tool that can be used to add security aspects to existing network functions, such as routing, and it provides a robust description of the network state in the presence of threats, capable of running in real-time.
format Preprint
id arxiv_https___arxiv_org_abs_2501_16487
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Network Risk Estimation: A Risk Estimation Paradigm for Cyber Networks
Bayer, Arda
Maluf, David
Aazhang, Behnaam
Systems and Control
Cyber networks are fundamental to many organization's infrastructure, and the size of cyber networks is increasing rapidly. Risk measurement of the entities/endpoints that make up the network via available knowledge about possible threats has been the primary tool in cyber network security. However, the dynamic behavior of the entities and the sparsity of risk-measurable points are limiting factors for risk measurement strategies, which results in poor network visibility considering the volatility of cyber networks. This work proposes a new probabilistic risk estimation approach to network security, NRE, which operates on top of existing risk measurements. The proposed method NRE extracts relationships among system components from the network connection data, models risk propagation based on the learned relationships and refines the estimates whenever risk measurements are provided. In this work, (i) the risk estimation scheme is proposed, (ii) an application of quantitative risk estimates is devised, (iii) descriptiveness of the risk estimates are compared to a pure risk measurement alternative and (iv) low computational complexity of the proposed method is illustrated capable of real-time deployment. The proposed method, NRE, is ultimately a quantitative data-driven risk assessment tool that can be used to add security aspects to existing network functions, such as routing, and it provides a robust description of the network state in the presence of threats, capable of running in real-time.
title Network Risk Estimation: A Risk Estimation Paradigm for Cyber Networks
topic Systems and Control
url https://arxiv.org/abs/2501.16487