The Experts below are selected from a list of 35769 Experts worldwide ranked by ideXlab platform
Renato Levy - One of the best experts on this subject based on the ideXlab platform.
-
using bayesian networks for cyber Security Analysis
Dependable Systems and Networks, 2010Co-Authors: Peng Xie, Jason H Li, Peng Liu, Xinming Ou, Renato LevyAbstract:Capturing the uncertain aspects in cyber Security is important for Security Analysis in enterprise networks. However, there has been insufficient effort in studying what modeling approaches correctly capture such uncertainty, and how to construct the models to make them useful in practice. In this paper, we present our work on justifying uncertainty modeling for cyber Security, and initial evidence indicating that it is a useful approach. Our work is centered around near real-time Security Analysis such as intrusion response. We need to know what is really happening, the scope and severity level, possible consequences, and potential countermeasures. We report our current efforts on identifying the important types of uncertainty and on using Bayesian networks to capture them for enhanced Security Analysis. We build an example Bayesian network based on a current Security graph model, justify our modeling approach through attack semantics and experimental study, and show that the resulting Bayesian network is not sensitive to parameter perturbation.
-
DSN - Using Bayesian networks for cyber Security Analysis
2010 IEEE IFIP International Conference on Dependable Systems & Networks (DSN), 2010Co-Authors: Jason H Li, Xinming Ou, Renato LevyAbstract:Capturing the uncertain aspects in cyber Security is important for Security Analysis in enterprise networks. However, there has been insufficient effort in studying what modeling approaches correctly capture such uncertainty, and how to construct the models to make them useful in practice. In this paper, we present our work on justifying uncertainty modeling for cyber Security, and initial evidence indicating that it is a useful approach. Our work is centered around near real-time Security Analysis such as intrusion response. We need to know what is really happening, the scope and severity level, possible consequences, and potential countermeasures. We report our current efforts on identifying the important types of uncertainty and on using Bayesian networks to capture them for enhanced Security Analysis. We build an example Bayesian network based on a current Security graph model, justify our modeling approach through attack semantics and experimental study, and show that the resulting Bayesian network is not sensitive to parameter perturbation.
Peng Xie - One of the best experts on this subject based on the ideXlab platform.
-
using bayesian networks for cyber Security Analysis
Dependable Systems and Networks, 2010Co-Authors: Peng Xie, Jason H Li, Peng Liu, Xinming Ou, Renato LevyAbstract:Capturing the uncertain aspects in cyber Security is important for Security Analysis in enterprise networks. However, there has been insufficient effort in studying what modeling approaches correctly capture such uncertainty, and how to construct the models to make them useful in practice. In this paper, we present our work on justifying uncertainty modeling for cyber Security, and initial evidence indicating that it is a useful approach. Our work is centered around near real-time Security Analysis such as intrusion response. We need to know what is really happening, the scope and severity level, possible consequences, and potential countermeasures. We report our current efforts on identifying the important types of uncertainty and on using Bayesian networks to capture them for enhanced Security Analysis. We build an example Bayesian network based on a current Security graph model, justify our modeling approach through attack semantics and experimental study, and show that the resulting Bayesian network is not sensitive to parameter perturbation.
Jason H Li - One of the best experts on this subject based on the ideXlab platform.
-
using bayesian networks for cyber Security Analysis
Dependable Systems and Networks, 2010Co-Authors: Peng Xie, Jason H Li, Peng Liu, Xinming Ou, Renato LevyAbstract:Capturing the uncertain aspects in cyber Security is important for Security Analysis in enterprise networks. However, there has been insufficient effort in studying what modeling approaches correctly capture such uncertainty, and how to construct the models to make them useful in practice. In this paper, we present our work on justifying uncertainty modeling for cyber Security, and initial evidence indicating that it is a useful approach. Our work is centered around near real-time Security Analysis such as intrusion response. We need to know what is really happening, the scope and severity level, possible consequences, and potential countermeasures. We report our current efforts on identifying the important types of uncertainty and on using Bayesian networks to capture them for enhanced Security Analysis. We build an example Bayesian network based on a current Security graph model, justify our modeling approach through attack semantics and experimental study, and show that the resulting Bayesian network is not sensitive to parameter perturbation.
-
DSN - Using Bayesian networks for cyber Security Analysis
2010 IEEE IFIP International Conference on Dependable Systems & Networks (DSN), 2010Co-Authors: Jason H Li, Xinming Ou, Renato LevyAbstract:Capturing the uncertain aspects in cyber Security is important for Security Analysis in enterprise networks. However, there has been insufficient effort in studying what modeling approaches correctly capture such uncertainty, and how to construct the models to make them useful in practice. In this paper, we present our work on justifying uncertainty modeling for cyber Security, and initial evidence indicating that it is a useful approach. Our work is centered around near real-time Security Analysis such as intrusion response. We need to know what is really happening, the scope and severity level, possible consequences, and potential countermeasures. We report our current efforts on identifying the important types of uncertainty and on using Bayesian networks to capture them for enhanced Security Analysis. We build an example Bayesian network based on a current Security graph model, justify our modeling approach through attack semantics and experimental study, and show that the resulting Bayesian network is not sensitive to parameter perturbation.
Mahesh V Tripunitara - One of the best experts on this subject based on the ideXlab platform.
-
Security Analysis in role based access control
ACM Transactions on Information and System Security, 2006Co-Authors: Ninghui Li, Mahesh V TripunitaraAbstract:The administration of large role-based access control (RBAC) systems is a challenging problem. In order to administer such systems, decentralization of administration tasks by the use of delegation is an effective approach. While the use of delegation greatly enhances flexibility and scalability, it may reduce the control that an organization has over its resources, thereby diminishing a major advantage RBAC has over discretionary access control (DAC). We propose to use Security Analysis techniques to maintain desirable Security properties while delegating administrative privileges. We give a precise definition of a family of Security Analysis problems in RBAC, which is more general than safety Analysis that is studied in the literature. We show that two classes of problems in the family can be reduced to similar Analysis in the RT[L∩] role-based trust-management language, thereby establishing an interesting relationship between RBAC and the RT framework. The reduction gives efficient algorithms for answering most kinds of queries in these two classes and establishes the complexity bounds for the intractable cases.
-
Security Analysis in role based access control
Symposium on Access Control Models and Technologies, 2004Co-Authors: Ninghui Li, Mahesh V TripunitaraAbstract:Delegation is often used in administrative models for Role-Based Access Control (RBAC) systems to decentralize administration tasks. While the use of delegation greatly enhances flexibility and scalability, it may reduce the control that an organization has over its resources, thereby diminishing a major advantage RBAC has over Discretionary Access Control(DAC). We propose to use Security Analysis techniques to maintain desirable Security properties while delegating administrative privileges. We give a precise definition of a family of Security Analysis problems in RBAC, which is more general than safety Analysis that is studied in the literature. We also show that two classes of problems in the family can be reduced to similar Analysis in the RT 0 trust-management language, thereby establishing an interesting relationship between RBAC and the RT (Role-based Trust-management) framework. The reduction gives efficient algorithms for answering most kinds of queries in these two classes and establishes the complexity bounds for the intractable cases.
Xinming Ou - One of the best experts on this subject based on the ideXlab platform.
-
using bayesian networks for cyber Security Analysis
Dependable Systems and Networks, 2010Co-Authors: Peng Xie, Jason H Li, Peng Liu, Xinming Ou, Renato LevyAbstract:Capturing the uncertain aspects in cyber Security is important for Security Analysis in enterprise networks. However, there has been insufficient effort in studying what modeling approaches correctly capture such uncertainty, and how to construct the models to make them useful in practice. In this paper, we present our work on justifying uncertainty modeling for cyber Security, and initial evidence indicating that it is a useful approach. Our work is centered around near real-time Security Analysis such as intrusion response. We need to know what is really happening, the scope and severity level, possible consequences, and potential countermeasures. We report our current efforts on identifying the important types of uncertainty and on using Bayesian networks to capture them for enhanced Security Analysis. We build an example Bayesian network based on a current Security graph model, justify our modeling approach through attack semantics and experimental study, and show that the resulting Bayesian network is not sensitive to parameter perturbation.
-
DSN - Using Bayesian networks for cyber Security Analysis
2010 IEEE IFIP International Conference on Dependable Systems & Networks (DSN), 2010Co-Authors: Jason H Li, Xinming Ou, Renato LevyAbstract:Capturing the uncertain aspects in cyber Security is important for Security Analysis in enterprise networks. However, there has been insufficient effort in studying what modeling approaches correctly capture such uncertainty, and how to construct the models to make them useful in practice. In this paper, we present our work on justifying uncertainty modeling for cyber Security, and initial evidence indicating that it is a useful approach. Our work is centered around near real-time Security Analysis such as intrusion response. We need to know what is really happening, the scope and severity level, possible consequences, and potential countermeasures. We report our current efforts on identifying the important types of uncertainty and on using Bayesian networks to capture them for enhanced Security Analysis. We build an example Bayesian network based on a current Security graph model, justify our modeling approach through attack semantics and experimental study, and show that the resulting Bayesian network is not sensitive to parameter perturbation.
