- Title
- A quantitative risk assessment model involving frequency and threat degree under line-of-business services for infrastructure of emerging sensor networks
- Creator
- Jing, Xu; Hu, Hanwen; Yang, Huijun; Au, Man; Li, Shuqin; Xiong, Naixue; Imran, Muhammad; Vasilakos, Athanasios
- Date
- 2017
- Type
- Text; Journal article
- Identifier
- http://researchonline.federation.edu.au/vital/access/HandleResolver/1959.17/186129
- Identifier
- vital:16816
- Identifier
-
https://doi.org/10.3390/s17030642
- Identifier
- ISBN:1424-8220 (ISSN)
- Abstract
- The prospect of Line-of-Business Services (LoBSs) for infrastructure of Emerging Sensor Networks (ESNs) is exciting. Access control remains a top challenge in this scenario as the service provider’s server contains a lot of valuable resources. LoBSs’ users are very diverse as they may come from a wide range of locations with vastly different characteristics. Cost of joining could be low and in many cases, intruders are eligible users conducting malicious actions. As a result, user access should be adjusted dynamically. Assessing LoBSs’ risk dynamically based on both frequency and threat degree of malicious operations is therefore necessary. In this paper, we proposed a Quantitative Risk Assessment Model (QRAM) involving frequency and threat degree based on value at risk. To quantify the threat degree as an elementary intrusion effort, we amend the influence coefficient of risk indexes in the network security situation assessment model. To quantify threat frequency as intrusion trace effort, we make use of multiple behavior information fusion. Under the influence of intrusion trace, we adapt the historical simulation method of value at risk to dynamically access LoBSs’ risk. Simulation based on existing data is used to select appropriate parameters for QRAM. Our simulation results show that the duration influence on elementary intrusion effort is reasonable when the normalized parameter is 1000. Likewise, the time window of intrusion trace and the weight between objective risk and subjective risk can be set to 10 s and 0.5, respectively. While our focus is to develop QRAM for assessing the risk of LoBSs for infrastructure of ESNs dynamically involving frequency and threat degree, we believe it is also appropriate for other scenarios in cloud computing. © 2017 by the authors. Licensee MDPI, Basel, Switzerland.
- Publisher
- MDPI AG
- Relation
- Sensors (Switzerland) Vol. 17, no. 3 (2017), p.
- Rights
- All metadata describing materials held in, or linked to, the repository is freely available under a CC0 licence
- Rights
- https://creativecommons.org/licenses/by/4.0/
- Rights
- Copyright © 2017 by the authors
- Rights
- Open Access
- Subject
- 4008 Electrical engineering; 4009 Electronics, sensors and digital hardware; 4606 Distributed computing and systems software; Access control; Cloud computing; Intrusion Effort; Line-of-business services; Risk assessment
- Full Text
- Reviewed
- Funder
- This work was supported by NSFC National Natural Science Foundation of China (61602396), and Chinese Universities Scientific Fund (2452015195, 2452015199, 2014YB067), and Scientific Research Foundation for PH.D from Northwest Agriculture & Forest University of China (2014BSJJ060), and the authors extend their appreciation to the International Scientific Partnership Program ISPP at King Saud University for funding this research work through ISPP# 0033.
- Hits: 929
- Visitors: 754
- Downloads: 60
Thumbnail | File | Description | Size | Format | |||
---|---|---|---|---|---|---|---|
View Details Download | SOURCE1 | Published version | 3 MB | Adobe Acrobat PDF | View Details Download |