Bayesian Networks for Online Cybersecurity Threat Detection
Uppsala University, Uppsala, Sweden.
Mälardalen University, School of Innovation, Design and Engineering, Innovation and Product Realisation. ORCID iD: 0000-0002-2833-7196
2021 (English). In: Stud. Comput. Intell., Springer Science and Business Media Deutschland GmbH, 2021, p. 129-159. Conference paper, Published paper (Refereed)
Abstract [en]

Cybersecurity threats have surged in the past decades. Experts agree that conventional security measures will soon not be enough to stop the propagation of more sophisticated and harmful cyberattacks. Recently, there has been a growing interest in mastering the complexity of cybersecurity by adopting methods borrowed from Artificial Intelligence (AI) in order to support automation. In this chapter, we concentrate on cybersecurity threat assessment by the translation of Attack Trees (AT) into probabilistic detection models based on Bayesian Networks (BN). We also show how these models can be integrated and dynamically updated as a detection engine in the existing DETECT framework for automated threat detection, hence enabling both offline and online threat assessment. Integration in DETECT is important to allow real-time model execution and evaluation for quantitative threat assessment. Finally, we apply our methodology to a real-world case study, evaluate the resulting model with sample data, perform data sensitivity analyses, then present and discuss the results.

Place, publisher, year, edition, pages
Springer Science and Business Media Deutschland GmbH, 2021. p. 129-159
Keywords [en]
Attack trees, Bayesian networks, Explainable AI, Risk evaluation, Situation Assessment, Threat detection
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:mdh:diva-52964
DOI: 10.1007/978-3-030-57024-8_6
Scopus ID: 2-s2.0-85097909245
OAI: oai:DiVA.org:mdh-52964
DiVA, id: diva2:1514888
Available from: 2021-01-07 Created: 2021-01-07 Last updated: 2022-02-22 Bibliographically approved

Open Access in DiVA

No full text in DiVA

Authority records

Flammini, Francesco
