Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Implementing Bayesian Networks for online threat detection
Linnaeus University, Faculty of Technology, Department of computer science and media technology (CM). (CPS)
2018 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

Cybersecurity threats have surged in the past decades. Experts agree that conventional security measures will soon not be enough to stop the propagation of more sophisticated and harmful cyberattacks. Recently, there has been a growing interest in mastering the complexity of cybersecurity by adopting methods borrowed from Artificial Intelligence (AI) in order to support automation. Moreover, entire security frameworks, such as DETECT (Decision Triggering Event Composer and Tracker), are designed aimed to the automatic and early detection of threats against systems, by using model analysis and recognising sequences of events and other tropes, inherent to attack patterns.

In this project, I concentrate on cybersecurity threat assessment by the translation of Attack Trees (AT) into probabilistic detection models based on Bayesian Networks (BN). I also show how these models can be integrated and dynamically updated as a detection engine in the existing DETECT framework for automated threat detection, hence enabling both offline and online threat assessment. Integration in DETECT is important to allow real-time model execution and evaluation for quantitative threat assessment. Finally, I apply my methodology to some real-world case studies, evaluate models with sample data, perform data sensitivity analyses, then present and discuss the results.

Place, publisher, year, edition, pages
2018. , p. 100
Keywords [en]
Cybersecurity, Bayesian Networks, Threat Detection, Attack Trees, DETECT, Risk Evaluation, Threat Assessment, CPS
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:lnu:diva-86238OAI: oai:DiVA.org:lnu-86238DiVA, id: diva2:1335798
Subject / course
Computer Science
Educational program
Software Technology Programme, 180 credits
Presentation
2018-09-21, D1173, P G Vejdes väg, 351 95 Växjö, Sweden, Växjö, 10:30 (English)
Supervisors
Examiners
Available from: 2019-07-08 Created: 2019-07-08 Last updated: 2019-08-16Bibliographically approved

Open Access in DiVA

fulltext(2889 kB)76 downloads
File information
File name FULLTEXT01.pdfFile size 2889 kBChecksum SHA-512
606097f646f64b4c5ffcc215c35c442bbd2508e39ad4808a5f5ea86717a07a0cf807dbc31f0922c4b4b790d6ae4afbdf499f0b22da1e3c546cdc8fb376caceae
Type fulltextMimetype application/pdf

By organisation
Department of computer science and media technology (CM)
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 76 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 338 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf