Balázsné Kail, Eszter and Riethné Nagy, A and Fleiner, Rita Dominika and Bánáti, Anna and Rigó, Ernő (2025) Low-impact, near real-time risk assessment for legacy IT infrastructures. INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 24 (1). ISSN 1615-5262 10.1007/s10207-024-00971-4

Text Kail_66_35709576_ny.pdf Download (604kB)

Abstract

In an era where cybersecurity threats are evolving at an unprecedented pace, this paper introduces a methodology for near real-time risk assessment of high-profile, high security infrastructures, where data security and operational continuity inherently limits observability. Our approach addresses the challenges of this limited observability and minimized disruption, offering a new perspective on processing and evaluating cybersecurity knowledge. We present an innovative method that leverages attack graphs and attacker behavior analysis to assess risks and vulnerabilities. Our research includes the development of an automated risk assessment mechanism, graphical security modeling, and a Markov chain-based model for attacker behavior. Our methodology utilizes a blend of direct and indirect event sources, incorporating an attacker behavioral model based on a random walk method akin to Google’s PageRank. The proof-of-concept solution calculates potential risk according to the actual threat landscape, providing a more accurate and timely assessment.

Item Type:	Article
Subjects:	Q Science > QA Mathematics and Computer Science > QA75 Electronic computers. Computer science / számítástechnika, számítógéptudomány
Divisions:	Department of Network Security and Internet Technologies
SWORD Depositor:	MTMT Injector
Depositing User:	MTMT Injector
Date Deposited:	04 Apr 2025 17:44
Last Modified:	04 Apr 2025 17:44
URI:	https://eprints.sztaki.hu/id/eprint/10891

Update Item