Bayesian Network Models in Cyber Security: A Systematic Review

Saba Chockalingam; Wolter Pieters; André Herdeiro Teixeira; Pieter van Gelder

doi:10.1007/978-3-319-70290-2_7

Bayesian Network Models in Cyber Security: A Systematic Review

Saba Chockalingam, Wolter Pieters, André Herdeiro Teixeira, Pieter van Gelder

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

1526 Downloads (Pure)

Abstract

Bayesian Networks (BNs) are an increasingly popular modelling technique in cyber security especially due to their capability to overcome data limitations. This is also instantiated by the growth of BN models development in cyber security. However, a comprehensive comparison and analysis of these models is missing. In this paper, we conduct a systematic review of the scientific literature and identify 17 standard BN models in cyber security. We analyse these models based on 9 different criteria and identify important patterns in the use of these models. A key outcome is that standard BNs are noticeably used for problems especially associated with malicious insiders. This study points out the core range of problems that were tackled using standard BN models in cyber security, and illuminates key research gaps.

Original language	English
Title of host publication	Proceedings of the Nordic Conference on Secure IT Systems (Nordic 2017)
Editors	Helger Lipmaa, Aikaterini Mitrokotsa, Raimundas Matulevicius
Publisher	Springer
Pages	105-122
Number of pages	18
Volume	10674
ISBN (Electronic)	978-3-319-70290-2
ISBN (Print)	978-3-319-70289-6
DOIs	https://doi.org/10.1007/978-3-319-70290-2_7
Publication status	Published - 2017
Event	The 22nd Nordic Conference on Secure IT Systems - Dorpat Convention Centre, Tartu, Estonia Duration: 8 Nov 2017 → 10 Nov 2017 http://nordsec2017.cs.ut.ee/

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	10674
ISSN (Print)	0302-9743

Conference

Conference	The 22nd Nordic Conference on Secure IT Systems
Abbreviated title	NordSec 2017
Country/Territory	Estonia
City	Tartu
Period	8/11/17 → 10/11/17
Internet address	http://nordsec2017.cs.ut.ee/

Keywords

Bayesian attack graph
Bayesian Network
Cyber security
Information security
Insider threat

Access to Document

10.1007/978-3-319-70290-2_7

Chockalingam_et_al_Bayesian_Network_Models_in_Cyber_Security_A_Systematic_ReviewAccepted author manuscript, 310 KB

Cite this

Chockalingam, S., Pieters, W., Herdeiro Teixeira, A., & van Gelder, P. (2017). Bayesian Network Models in Cyber Security: A Systematic Review. In H. Lipmaa, A. Mitrokotsa, & R. Matulevicius (Eds.), Proceedings of the Nordic Conference on Secure IT Systems (Nordic 2017) (Vol. 10674, pp. 105-122). (Lecture Notes in Computer Science; Vol. 10674). Springer. https://doi.org/10.1007/978-3-319-70290-2_7

@inproceedings{0eba4009a22949b9bec1c930c6a40b5b,

title = "Bayesian Network Models in Cyber Security: A Systematic Review",

abstract = "Bayesian Networks (BNs) are an increasingly popular modelling technique in cyber security especially due to their capability to overcome data limitations. This is also instantiated by the growth of BN models development in cyber security. However, a comprehensive comparison and analysis of these models is missing. In this paper, we conduct a systematic review of the scientific literature and identify 17 standard BN models in cyber security. We analyse these models based on 9 different criteria and identify important patterns in the use of these models. A key outcome is that standard BNs are noticeably used for problems especially associated with malicious insiders. This study points out the core range of problems that were tackled using standard BN models in cyber security, and illuminates key research gaps.",

keywords = "Bayesian attack graph , Bayesian Network, Cyber security, Information security, Insider threat",

author = "Saba Chockalingam and Wolter Pieters and {Herdeiro Teixeira}, Andr{\'e} and {van Gelder}, Pieter",

year = "2017",

doi = "10.1007/978-3-319-70290-2_7",

language = "English",

isbn = "978-3-319-70289-6",

volume = "10674",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "105--122",

editor = "Helger Lipmaa and Aikaterini Mitrokotsa and Raimundas Matulevicius",

booktitle = "Proceedings of the Nordic Conference on Secure IT Systems (Nordic 2017)",

note = "The 22nd Nordic Conference on Secure IT Systems, NordSec 2017 ; Conference date: 08-11-2017 Through 10-11-2017",

url = "http://nordsec2017.cs.ut.ee/",

}

Chockalingam, S, Pieters, W, Herdeiro Teixeira, A & van Gelder, P 2017, Bayesian Network Models in Cyber Security: A Systematic Review. in H Lipmaa, A Mitrokotsa & R Matulevicius (eds), Proceedings of the Nordic Conference on Secure IT Systems (Nordic 2017). vol. 10674, Lecture Notes in Computer Science, vol. 10674, Springer, pp. 105-122, The 22nd Nordic Conference on Secure IT Systems, Tartu, Estonia, 8/11/17. https://doi.org/10.1007/978-3-319-70290-2_7

Bayesian Network Models in Cyber Security: A Systematic Review. / Chockalingam, Saba; Pieters, Wolter; Herdeiro Teixeira, André et al.
Proceedings of the Nordic Conference on Secure IT Systems (Nordic 2017). ed. / Helger Lipmaa; Aikaterini Mitrokotsa; Raimundas Matulevicius. Vol. 10674 Springer, 2017. p. 105-122 (Lecture Notes in Computer Science; Vol. 10674).

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Bayesian Network Models in Cyber Security: A Systematic Review

AU - Chockalingam, Saba

AU - Pieters, Wolter

AU - Herdeiro Teixeira, André

AU - van Gelder, Pieter

PY - 2017

Y1 - 2017

N2 - Bayesian Networks (BNs) are an increasingly popular modelling technique in cyber security especially due to their capability to overcome data limitations. This is also instantiated by the growth of BN models development in cyber security. However, a comprehensive comparison and analysis of these models is missing. In this paper, we conduct a systematic review of the scientific literature and identify 17 standard BN models in cyber security. We analyse these models based on 9 different criteria and identify important patterns in the use of these models. A key outcome is that standard BNs are noticeably used for problems especially associated with malicious insiders. This study points out the core range of problems that were tackled using standard BN models in cyber security, and illuminates key research gaps.

AB - Bayesian Networks (BNs) are an increasingly popular modelling technique in cyber security especially due to their capability to overcome data limitations. This is also instantiated by the growth of BN models development in cyber security. However, a comprehensive comparison and analysis of these models is missing. In this paper, we conduct a systematic review of the scientific literature and identify 17 standard BN models in cyber security. We analyse these models based on 9 different criteria and identify important patterns in the use of these models. A key outcome is that standard BNs are noticeably used for problems especially associated with malicious insiders. This study points out the core range of problems that were tackled using standard BN models in cyber security, and illuminates key research gaps.

KW - Bayesian attack graph

KW - Bayesian Network

KW - Cyber security

KW - Information security

KW - Insider threat

UR - http://resolver.tudelft.nl/uuid:0eba4009-a229-49b9-bec1-c930c6a40b5b

U2 - 10.1007/978-3-319-70290-2_7

DO - 10.1007/978-3-319-70290-2_7

M3 - Conference contribution

SN - 978-3-319-70289-6

VL - 10674

T3 - Lecture Notes in Computer Science

SP - 105

EP - 122

BT - Proceedings of the Nordic Conference on Secure IT Systems (Nordic 2017)

A2 - Lipmaa, Helger

A2 - Mitrokotsa, Aikaterini

A2 - Matulevicius, Raimundas

PB - Springer

T2 - The 22nd Nordic Conference on Secure IT Systems

Y2 - 8 November 2017 through 10 November 2017

ER -

Bayesian Network Models in Cyber Security: A Systematic Review

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cybersecurity (TPM)

Cite this

Bayesian Network Models in Cyber Security: A Systematic Review

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Projects

Cybersecurity (TPM)

Cite this