The Experts below are selected from a list of 92013 Experts worldwide ranked by ideXlab platform
Ze Quan Yan - One of the best experts on this subject based on the ideXlab platform.
-
Researches on the Network Security Evaluation Method Based on BP Neural Network
Applied Mechanics and Materials, 2014Co-Authors: Yi Bin Zhang, Ze Quan YanAbstract:This paper first describes the basic theory of BP neural network algorithm, defects and improved methods, establishes a computer network Security Evaluation index system, explores the computer network Security Evaluation method based on BP neural network, and has designed to build the Evaluation model, and shows that the method is feasible through the MATLAB simulation experiments.
Yan Qiang - One of the best experts on this subject based on the ideXlab platform.
-
An Object-Oriented Method for Information System Security Evaluation
Journal of Beijing University of Posts and Telecommunications, 2005Co-Authors: Yan QiangAbstract:Security Evaluation is an important approach for the Security risk management of the information system. But there are lack of effective methods and tools for Security Evaluation. To resolve the problem, an object model of Security Evaluation is established based on the object oriented technology. The concepts of correlation test and dependency test are introduced and a set of tools is also developed according to the model. The practical application indicates that the object oriented technology can improve the efficiency of Security Evaluation, and the correlation test and dependency test also improve the penetration testing effects.
-
Introduction and Advancement of Information System Security Evaluation Criteria and Technology
Computer Engineering, 2003Co-Authors: Yan QiangAbstract:This paper reviews the history of information system Security Evaluation criteria, introduces criteria which have important effect on Security Evaluation such as TCSEC and CC, clarifies the Evaluation method and its implementation model, and introduces recent researches of other countries in this field.
Andrey Chechulin - One of the best experts on this subject based on the ideXlab platform.
-
Fast Network Attack Modeling and Security Evaluation based on Attack Graphs
Journal of Cyber Security and Mobility, 2014Co-Authors: Igor Kotenko, Andrey ChechulinAbstract:The paper suggests an approach to network attack modeling and Security Evaluation which is realized in advanced Security Information and Event Management (SIEM) systems. It is based on modeling of computer network and malefactors’ behaviors, building attack graphs, processing current alerts for real-time adjusting of particular attack graphs, calculating different Security metrics and providing Security assessment procedures. The novelty of the proposed approach is the use of special algorithms for construction, modification and analysis of attack graphs aimed at rapid Security Evaluation. This allows using this approach in SIEM systems that operate in near-real time. The generalized architecture of the Attack Modeling and Security Evaluation Component (AMSEC), as one of the main analytical components of SIEM systems, is outlined. The main components and techniques for attack modeling and Security Evaluation are defined. A prototype of the AMSEC is presented. Experiments with this prototype are evaluated.
-
IDAACS - Computer attack modeling and Security Evaluation based on attack graphs
2013 IEEE 7th International Conference on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS), 2013Co-Authors: Igor Kotenko, Andrey ChechulinAbstract:The paper considers an approach to computer attack modeling and Security Evaluation which is suggested to realize in advanced Security Information and Event Management (SIEM) systems. It is based on modeling of malefactors' behavior, building a common attack graph, processing current alerts for real-time adjusting of particular attack graphs, calculating different Security metrics and providing Security assessment procedures. The approach is intended to be implemented in the framework of the EU MASSIF project. The generalized architecture of the Attack Modeling and Security Evaluation Component (AMSEC), as one of the main analytical components of SIEM systems, is outlined. The main components and techniques for attack modeling and Security Evaluation are defined. A prototype of the AMSEC is specified. Experiments with this prototype are analyzed. The prototype makes use of the scenario “Managed Enterprise Service Infrastructures”.
-
common framework for attack modeling and Security Evaluation in siem systems
IEEE International Conference on Green Computing and Communications, 2012Co-Authors: Igor Kotenko, Andrey ChechulinAbstract:The paper suggests a framework for attack modeling and Security Evaluation in Security Information and Event Management (SIEM) systems. It is supposed that the common approach to attack modeling and Security Evaluation is based on modeling of a malefactor's behavior, generating a common attack graph, calculating different Security metrics and providing risk analysis procedures. Key elements of suggested architectural solutions for attack modeling and Security Evaluation are using a comprehensive Security repository, effective attack graph (tree) generation techniques, taking into account known and new attacks based on zero-day vulnerabilities, stochastic analytical modeling, and interactive decision support to choose preferred Security solutions. The architecture of the Attack Modeling and Security Evaluation Component (AMSEC) is proposed, its interaction with other SIEM components is described. We present the prototype of the component and the results of experiments carried out.
-
GreenCom - Common Framework for Attack Modeling and Security Evaluation in SIEM Systems
2012 IEEE International Conference on Green Computing and Communications, 2012Co-Authors: Igor Kotenko, Andrey ChechulinAbstract:The paper suggests a framework for attack modeling and Security Evaluation in Security Information and Event Management (SIEM) systems. It is supposed that the common approach to attack modeling and Security Evaluation is based on modeling of a malefactor's behavior, generating a common attack graph, calculating different Security metrics and providing risk analysis procedures. Key elements of suggested architectural solutions for attack modeling and Security Evaluation are using a comprehensive Security repository, effective attack graph (tree) generation techniques, taking into account known and new attacks based on zero-day vulnerabilities, stochastic analytical modeling, and interactive decision support to choose preferred Security solutions. The architecture of the Attack Modeling and Security Evaluation Component (AMSEC) is proposed, its interaction with other SIEM components is described. We present the prototype of the component and the results of experiments carried out.
S L Surana - One of the best experts on this subject based on the ideXlab platform.
-
power system Security Evaluation using ann feature selection using divergence
International Joint Conference on Neural Network, 2003Co-Authors: K R Niazi, C M Arora, S L SuranaAbstract:This paper presents an Artificial Neural Network (ANN) based method for on-line Security Evaluation of power systems. One of the important considerations in applying ANN is feature selection. A new divergence based feature selection algorithm has been proposed and investigated. The method has been applied on an IEEE test system and the results demonstrate the suitability of the proposed method for online Security Evaluation of power systems even under changing topological conditions.
Igor Kotenko - One of the best experts on this subject based on the ideXlab platform.
-
A Semantic Model for Security Evaluation of Information Systems
Journal of Cyber Security and Mobility, 2020Co-Authors: Elena Doynikova, Andrey Fedorchenko, Igor KotenkoAbstract:Modern information systems are characterized by huge Security related data streams. For cyber Security management in such systems, novel models and techniques for efficient processing of these data streams are required. The paper considers development and application of a semantic model for Security Evaluation. The proposed model is represented as the ontology of metrics that is based on the relations between sources of Security related data, primary features of initial Security data and goals of Security Evaluation. The set of hierarchically interconnected Security metrics is mapped to the data features and Security Evaluation goals. The relations between these metrics within the proposed ontology provide the basis for Security Evaluation technique. The paper introduces the proposed ontology and its foundations, and briefly describes the developed technique. The analysis of data in the open sources is conducted, and the case study is provided to show applicability of the approach.
-
Fast Network Attack Modeling and Security Evaluation based on Attack Graphs
Journal of Cyber Security and Mobility, 2014Co-Authors: Igor Kotenko, Andrey ChechulinAbstract:The paper suggests an approach to network attack modeling and Security Evaluation which is realized in advanced Security Information and Event Management (SIEM) systems. It is based on modeling of computer network and malefactors’ behaviors, building attack graphs, processing current alerts for real-time adjusting of particular attack graphs, calculating different Security metrics and providing Security assessment procedures. The novelty of the proposed approach is the use of special algorithms for construction, modification and analysis of attack graphs aimed at rapid Security Evaluation. This allows using this approach in SIEM systems that operate in near-real time. The generalized architecture of the Attack Modeling and Security Evaluation Component (AMSEC), as one of the main analytical components of SIEM systems, is outlined. The main components and techniques for attack modeling and Security Evaluation are defined. A prototype of the AMSEC is presented. Experiments with this prototype are evaluated.
-
IDAACS - Computer attack modeling and Security Evaluation based on attack graphs
2013 IEEE 7th International Conference on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS), 2013Co-Authors: Igor Kotenko, Andrey ChechulinAbstract:The paper considers an approach to computer attack modeling and Security Evaluation which is suggested to realize in advanced Security Information and Event Management (SIEM) systems. It is based on modeling of malefactors' behavior, building a common attack graph, processing current alerts for real-time adjusting of particular attack graphs, calculating different Security metrics and providing Security assessment procedures. The approach is intended to be implemented in the framework of the EU MASSIF project. The generalized architecture of the Attack Modeling and Security Evaluation Component (AMSEC), as one of the main analytical components of SIEM systems, is outlined. The main components and techniques for attack modeling and Security Evaluation are defined. A prototype of the AMSEC is specified. Experiments with this prototype are analyzed. The prototype makes use of the scenario “Managed Enterprise Service Infrastructures”.
-
common framework for attack modeling and Security Evaluation in siem systems
IEEE International Conference on Green Computing and Communications, 2012Co-Authors: Igor Kotenko, Andrey ChechulinAbstract:The paper suggests a framework for attack modeling and Security Evaluation in Security Information and Event Management (SIEM) systems. It is supposed that the common approach to attack modeling and Security Evaluation is based on modeling of a malefactor's behavior, generating a common attack graph, calculating different Security metrics and providing risk analysis procedures. Key elements of suggested architectural solutions for attack modeling and Security Evaluation are using a comprehensive Security repository, effective attack graph (tree) generation techniques, taking into account known and new attacks based on zero-day vulnerabilities, stochastic analytical modeling, and interactive decision support to choose preferred Security solutions. The architecture of the Attack Modeling and Security Evaluation Component (AMSEC) is proposed, its interaction with other SIEM components is described. We present the prototype of the component and the results of experiments carried out.
-
GreenCom - Common Framework for Attack Modeling and Security Evaluation in SIEM Systems
2012 IEEE International Conference on Green Computing and Communications, 2012Co-Authors: Igor Kotenko, Andrey ChechulinAbstract:The paper suggests a framework for attack modeling and Security Evaluation in Security Information and Event Management (SIEM) systems. It is supposed that the common approach to attack modeling and Security Evaluation is based on modeling of a malefactor's behavior, generating a common attack graph, calculating different Security metrics and providing risk analysis procedures. Key elements of suggested architectural solutions for attack modeling and Security Evaluation are using a comprehensive Security repository, effective attack graph (tree) generation techniques, taking into account known and new attacks based on zero-day vulnerabilities, stochastic analytical modeling, and interactive decision support to choose preferred Security solutions. The architecture of the Attack Modeling and Security Evaluation Component (AMSEC) is proposed, its interaction with other SIEM components is described. We present the prototype of the component and the results of experiments carried out.