Juan Zou,Yong Wei,Weimin Wu

DOI: https://doi.org/10.1109/icnsc.2012.6204933

2012-01-01

Abstract:An emergency control system for shipping is an indispensable part of the modern maritime operation system. Petri nets are useful for describing and studying information processing systems that are characterized as being concurrent, distributed parallel and asynchronous. In this paper, a generalized stochastic Petri net with finite capacity and inhibitor arc is exploited to model the emergency control system for shipping. The obtained model is analyzed using the software of PIPE. The analyzed results on modeling time and resource performance show that the obtained model is able to describe well the real physics system and provide some suggestion on improving the performance of the emergency control system for shipping.

LIU Xiao-jian,ZHANG Shu-you,XU Jing-hua

DOI: https://doi.org/10.3785/j.issn.1008-973x.2011.01.006

2011-01-01

Abstract:Impact prediction was incorporated with the dynamic expression of network in order to realize the impact prediction of design change in network flow system,and a dynamic model based on network flow Petri net(NFPN) was proposed to predict these impacts.Petri net was utilized to describe network flow and its design changes,and the NFPN dynamic model was established.The construction of full reachable graph of Petri net was associated with the impact prediction of change based on the analysis of hierarchical network flow.The analysis of the integral network was recursively accomplished through the simplification of reachable graph by multi-level Abstraction.Application to the reconstruction and design of distribution network verified the feasibility and validity of the method.The method greatly reduces the complexity of state space,and is applicable to large scale and complicated network.

Jiajun Shen,Dongqin Feng

DOI: https://doi.org/10.1109/hpcc.2014.115

2014-01-01

Abstract:With the development of the industrial informatization, the problems of security in field device layer have been gradually exposed, which mainly involves specified industrial communication protocols. Clock synchronization protocol, as one of the most important industrial communication protocols, ensures the real-time performance of industrial control system. Considering that the related researches have not yet formed a mature system, we propose a new method for analyzing the vulnerability of clock synchronization protocol in this article. In this method, SPN(stochastic petri net) is introduced as a modeling tool, while IEEE 1588 PTP clock synchronization protocol is regarded as the research object. An SPN(stochastic petri net) model is strictly built according to the protocol. Then, steady-state probability expressions are obtained by the isomorphic Markov chain. Through changing trigger rate of transitions of several pivotal states which are related to vulnerability, the influences of each parameter has on the model could be quantitatively reflected in the result of simulation in order to analyze vulnerability of clock synchronization protocol by determining the critical factors that affect protocol's vulnerability.

Xiaochun Xiao,Huan Wang,Gendu Zhang

DOI: https://doi.org/10.1109/fcst.2008.26

2008-01-01

Abstract:The risk assessment for network information system has experienced a stage from rule-based questionnaire investigation to model-based assessment. Many graph-based models have been proposed and applied to risk assessment. Attack Graph is widely used one. But attack graphs grow exponentially with the size of the network. In this paper, we propose a comprehensive framework for network vulnerabilities modeling and risk assessment by policy rules violations based on the access graph. As a complement to the attack graph approach, the access graph grows polynomially with the number of hosts and so has the benefit of scaling better to more practical, realistic size networks. This paper presents a novel risk assessment model for network information system based access graph. Compared with related works, our approach improves the performance and reduces the computational cost.

Kunfu Wang,Wei Feng,Xing Li

DOI: https://doi.org/10.12783/dtcse/ccnt2020/35444

2021-01-01

DEStech Transactions on Computer Science and Engineering

Abstract:In order to assist network administrators to assess network security risks, a new Bayesian model of network risk assessment method is proposed. Firstly, the model designs the quantitative method of attack revenue and attack cost index, introduces the atomic attack efficiency variable, and integrates the variable into the calculation of probability, obtains the prior risk probability of each node in the network, so as to carry out the static evaluation of network risk. Secondly, DNO_Alg of deleting node order is proposed to determine the order of eliminating elements, so that Bayesian model can be transformed into cluster tree. Finally, combined with the detected attacks, the cluster tree propagation algorithm is used to dynamically calculate the posterior risk probability of nodes, so as to evaluate the network risk in real time.

Fu-Hong Yang,Chi-Hung Chi,Lin Liu

DOI: https://doi.org/10.1007/11839569_28

2006-01-01

Abstract:A formal model of security risk assessment for an enterprise information security is developed. The model, called the Graph Model, is constructed based on the mapping of an enterprise IT infrastructure and networks/systems onto a graph. Components of the model include the nodes which represent hosts in enterprise network and their weights of importance and security, the connections of the nodes, and the safeguards used with their costs and effectiveness. The model can assist to identify inappropriate, insufficient or waste protector resources like safeguards that are relative to the needs of the protected resources, and then reallocates the funds or protector resources to minimize security risk. An example is provided to represent the optimization method and process. The goal of using Graph Model is to help enterprise decision makers decide whether their security investment is consistent with the expected risks and how to allocate the funds or protector resources.

XiaoLin Cui,Xiaobin Tan,Yong Zhang,Hongsheng Xi

DOI: https://doi.org/10.1109/CSSE.2008.949

2008-01-01

Abstract:Risk assessment is a very important tool to acquire a present and future security status of the network information system. Many risk assessment approaches consider the present system security status, while the future security status, which also has an impact on assessing the system risk, is not taken into consideration. In this paper we propose a novel risk assessment model based on Markov game theory. In this model, all of the possible risk in the future will impact on the present risk assessment. The farther away from now, the smaller impact on the risk assessment it has. After acquiring the system security status, we proposed an automatic generated reinforcement scheme which will provide a great convenience to the system administrator. A software tool is developed to demonstrate the performance of the risk assessment of a network information system and a simulation example shows the effectiveness of the proposed model. © 2008 IEEE.

Xiaochun Xiao,Tiange Zhang,Gendu Zhang

DOI: https://doi.org/10.1109/sectech.2008.18

2008-01-01

Abstract:Currently, the risk analysis for network Information system has experienced a stage from rule-based questionnaire investigation to model-based assessment. Many graph-based models have been proposed and applied to risk analysis. Attack Graph is widely used one. But attack graphs grow exponentially with the size of the network. In this paper, we propose a comprehensive framework for network vulnerabilities modeling and risk analysis based on the access graph. As a complement to the attack graph approach, the access graph is host-centric approach, which grows polynomially with the number of hosts and so has the benefit of being computationally feasible on large networks. Compared with related works, our approach improves in both performance and computational cost.

Ye Zhang,Guoqiang Cai,Limin Jia,Fu Wei

2005-01-01

Abstract:An accurate and reliable Railway Driving Safety System has to be adaptable and flexible for changing requirements coming from various safety-protecting devices. Petri Net with Object (PNO) is introduced to model this system in order to overcome the disadvantages using traditional modeling techniques. The structure of the PNO possesses the characteristics of small scale and flexibility, modularization and operability, so that system model can be partitioned and modeled in separate dynamic active objects according to process approach. Workflow among these objects can be dynamically adaptive allowing for the subsystem change. Some examples suggest the advantages of this contribution.

Zenan Wu,Liqin Tian,Yi Zhang,Yan Wang,Yuquan Du

DOI: https://doi.org/10.1155/2021/4005877

IF: 1.968

2021-11-13

Security and Communication Networks

Abstract:At present, most network security analysis theory assumes that the players are completely rational. However, this is not consistent with the actual situation. In this paper, based on the effectiveness constraints on both sides with network attack and defense, with the help of stochastic Petri net and evolutionary game theory, the Petri net model of network attack and defense stochastic evolutionary game is reconstructed, the specific definition of the model is given, and the modeling method is given through the network connection relationship and attack and defense strategy set. Using this model, a quantitative analysis of network attack events is carried out to solve a series of indicators related to system security, namely, attack success rate, average attack time, and average system repair time. Finally, the proposed model and analysis method are applied to a classic network attack and defense process for experimental analysis, and the results verify the rationality and accuracy of the model and analysis method.

computer science, information systems,telecommunications

Yuanzhuo Wang,Jingyuan Li,Kun Meng,Chuang Lin,Xueqi Cheng

DOI: https://doi.org/10.1002/sec.535

IF: 1.968

2012-04-17

Security and Communication Networks

Abstract:In this paper, we propose a novel modeling method attack–defense stochastic game Petri nets (or ADSGN) to model and analyze the security issues in enterprise network. We firstly give the definition and modeling method algorithm of ADSGN and then propose the algorithm of the strategy. The proposed ADSGN method is successfully applied to describe the attack and defense courses in the enterprise network. Finally, we analyze the mean time to first security breach and the mean time to security breach in the enterprise network quantifiably, and proved that our method can also be applied to other areas with respect to game issues. Copyright © 2012 John Wiley & Sons, Ltd. According to the characteristics of the network attack and defense actions, we extend the previous work by proposing attack‐defense stochastic game Petri nets (or ADSGNs), which can be used to model and analyze the competitive game issues by using classical methods from stochastic Petri nets. ADSGN are suitable to investigate the complex and dynamic game‐related issues in network attack. In this paper, we use ADSGN to model and analyze the enterprise network attacks, compute the Nash equilibrium to deduce the best‐response strategies to defend the attacks. We believe that ADSGN can open a new avenue to handle the game‐related issues in network security.

computer science, information systems,telecommunications

Dongliang Zhang,Kaiwen Zhang,Liufeng Wang,Qinqin Hong

DOI: https://doi.org/10.1088/1742-6596/1754/1/012059

2021-02-01

Journal of Physics: Conference Series

Abstract:Abstract Digital control is an inevitable trend in the development of nuclear power. The application of digital control systems in nuclear power plants not only improves the control capability of nuclear power plants, but also increases the complexity of the system. Traditional reliability analysis methods (such as event trees and fault trees) can only perform static analysis on the reactor protection system, but cannot reflect the impact of maintenance activities on system reliability. In the dynamic analysis method, the Markov model is usually applied to the exponential distribution, and the failure and maintenance process of the reactor protection system does not all obey the exponential distribution. In this paper, the Petri net method is used to model the reactor protection system, and the modules are modeled separately according to the function of the system, and finally the model is integrated. Modularization improves the flexibility and understandability of the model, shortens modeling time, and improves robustness. The proposed model was simulated using the GPenSIM tool, and the state reachability diagram of the system with or without maintenance process was obtained, and the probability of shutdown and refusal was obtained.

Jian Chen,Mingyuan Yang

DOI: https://doi.org/10.1145/3523181.3523192

2022-01-01

Abstract:Network security situation assessment is a research hotspot in the field of information security, which is strong in real-time performance. However, most of the current real-time situation assessment technologies are very complicated and do poorly in real-time performance. Hence, this paper puts forward a real-time situation assessment method based on the threat propagation model. This method establishes a threat propagation model of real-time situation assessment, in order to calculate the threat degree of threat propagation source to target network, and to evaluate the real-time situation assessment from two layers which includes the network node layer and the whole network layer. The results of simulation experiment show that the method proposed in this paper can evaluate the potential threats according to the current attack scenarios, and can achieve a real-time assessment on the attacks in the network since the situation of real-time network attacks change obviously. In short, the effectiveness, accuracy and real-time performance of the proposed method are verified by comparative experiments.

LI Jia-rui,LING Xiao-bo,LI Chen-xi,LI Zi-mu,YANG Jia-hai,ZHANG Lei,WU Cheng-nan

DOI: https://doi.org/10.11896/jsjkx.210800107

2022-01-01

Computer Science

Abstract:In order to overcome the difficulties that current attack graph model cannot reflect real-time network attack events,a method is proposed including a forward risk probability update algorithm and a forward-backward combined risk probability update algorithm,which meets the needs of real-time analyzing network security.It first performs specific quantitative analysis on the uncertainty of each node in the graph,and uses Bayesian networks to calculate their static probabilities.After that,it updates the dynamic probability of each node along the forward and backward paths according to the real-time network security events,instantly reflecting the changes of external conditions and assessing real-time risk levels across the network.Experimental results show that the method can calibrate and adjust the risk probability of each node according to the actual situation,which helps the network operator correctly understand the dangerous levels of the network and make better decision for defense and prevention of the next attack.

Xiaobin Tan,Yong Zhang,Xiaolin Cui,Hongsheng Xi

DOI: https://doi.org/10.1109/kamw.2008.4810531

2008-01-01

Abstract:Different from traditional risk management, real-time risk management describes system risk dynamically. It includes three phases: risk analysis, risk evaluation and risk prediction. This paper proposes a practical framework to real-time risk management. Risk evaluation is a quantitative analysis process of system security and risk, and it is a basis of real-time risk, management. This paper adopts continuous time hidden Markov model to evaluate system risk. The model evaluates system risk via the integrated analysis of system assets, threats, vulnerabilities and safety measures. Simulation results show that the model is suitable and efficient. The framework will be tested in actual network environment and improve it.

Jian Jiao,Wenhao Li,Dongchao Guo

DOI: https://doi.org/10.3390/electronics13173350

IF: 2.9

2024-08-25

Electronics

Abstract:Network risk assessment should include the impact of the relationship between vulnerabilities, in order to conduct a more in-depth and comprehensive assessment of vulnerabilities and network-related risks. However, the impact of extracting the relationship between vulnerabilities mainly relies on manual processes, which are subjective and inefficient. To address these issues, this paper proposes a dual-layer knowledge representation model that combines various attributes and structural information of entities. This article first constructs a vulnerability knowledge graph and proposes a two-layer knowledge representation learning model based on it. Secondly, in order to more accurately assess the actual risk of vulnerabilities in specific networks, this paper proposes a vulnerability risk calculation model based on impact relationships, which realizes the risk assessment and ranking of vulnerabilities in specific network scenarios. Finally, based on the research on automatic prediction of the impact relationship between vulnerabilities, this paper proposes a new Bayesian attack graph network risk assessment model for inferring the possibility of device intrusion in the network. The experimental results show that the model proposed in this study outperforms traditional evaluation methods in relationship prediction tasks, demonstrating its efficiency and accuracy in complex network environments. This model achieves efficient resource utilization by simplifying training parameters and reducing the demand for computing resources. In addition, this method can quantitatively evaluate the success probability of attacking specific devices in the network topology, providing risk assessment and defense strategy support for network security managers.

engineering, electrical & electronic,computer science, information systems,physics, applied

Yueli Dong,Bin Sun,Gang Wang

DOI: https://doi.org/10.1016/j.egyr.2021.10.030

IF: 5.2

2021-11-01

Energy Reports

Abstract:A modeling method of security risk assessment for power system network is presented in this paper. The modeling method is divided into three steps. Firstly, Object-oriented Bayesian network(OOBN) is used for structural modeling to avoid the state explosion caused by the large scale of the network. Secondly, Combined with expert knowledge, an effective parameter modeling method is proposed. Based on the OOBN model, the parallel computing reasoning method of OOBN subnet is studied to reduce the complexity of joint probability calculation and improve the calculation timeliness. Finally, the prototype of power information test system is designed to verify the effectiveness of the model. The results show that the method can be used in the security risk assessment for power system network efficiently.

energy & fuels

LIU Jie-ling,LING Xiao-bo,ZHANG Lei,WANG Bo,WANG Zhi-liang,LI Zi-mu,ZHANG Hui,YANG Jia-hai,WU Cheng-nan

DOI: https://doi.org/10.11896/jsjkx.210600171

2022-01-01

Computer Science

Abstract:Power system network is one of the important targets of cyber attack.In order to ensure the safe operation of power system,network managers need to evaluate the network security risk.Usually,existing network security risk assessment framework only aims at a single scenario,and can not find the strategic attackers who use a variety of low-risk methods to achieve high-risk threat targets from large quantities of network security alerts.In order to meet the above challenges,this paper proposes a network security risk assessment method based on tactical correlation.In this method,the warning information generated on va-rious network security detection devices when an attacker implements a multi-step attack is associated to form an attack chain,and the security risk of the organization intranet is evaluated by calculating the threat,vulnerability,impact score of each node in the attack chain and the risk score of the whole attack chain.In order to verify the effectiveness and robustness of the proposed method,this paper selects a representative example to illustrate the specific implementation process of the proposed method for network security risk assessment in the organizational intranet.The example shows that the network security risk assessment framework based on the tactical association can correctly assess the harm of multi-step attack caused by low-risk alarm association to achieve high-risk targets,and is more robust than the traditional single scenario analysis method,which can better provide decision-making basis for organization decision-makers in network security risk management.

Xin YANG,Hui LI,Jiangxing WU,Peng YI

DOI: https://doi.org/10.1360/ssi-2019-0224

2020-01-01

Abstract:Cyber mimic defenses have recently emerged as a dynamic heterogeneity redundancy architecture, which adjust the asymmetry between defenders and attackers by reconfiguring the system according to the network scenario. Some studies have investigated the effectiveness of security models, however, there is still a lack of convincing and practical methods to assess CMD networks quantitatively. Thus, in this paper, we propose a two-dimension model that calculates those details as a digital result to compare different CMD networks. In addition, the proposed method demonstrates good scalability in different networks. Specifically, in the first dimension, i.e., attacking a single node, we elaborate on system configurations and employ the Generalized Stochastic Petri net model to capture the effectiveness of different behaviors from gamers. To quantify the impacts of those behaviors, we parameterized them using a Poisson process, common vulnerabilities and exposures, and the common vulnerability scoring system. In the second dimension, we adopt Markov chains and the Martingale theory to analyze the attack process along the attack chain. Finally, security metrics and countermeasures under different scenarios are presented to verify the effectiveness of CMD, which provides some guidance for designing future systems with acceptable cost.

Rong Zeng,Yijia Cao,Yong Li,Sijia Hu,Xia Shao,Liwei Xie,Liang Hou,Long Zhao,Mohammad Shahidehpour

DOI: https://doi.org/10.1109/tsg.2023.3302287

IF: 10.275

2023-01-01

IEEE Transactions on Smart Grid

Abstract:The power system has become the key target of national cyber confrontation. To enhance the risk management capability of the distribution network (DN) while assessing the cyberattack risk quickly and accurately, this paper proposes a general real-time cyberattack risk assessment method for DN involving the influence of distributed feeder automation systems (DFAs). In particular, to clarify the quantitative relationship between cyberattack intrusion and DN state deterioration, we constructed the quantitative model of the cyber physical distribution network (CPDN) under cyberattack, which involves the influence of DFAs’ behavior. In addition, in order to intuitively demonstrate the cyberattack risk, we developed a novel entropy-like risk assessment system upon the quantitative model of CPDN. The real two-feeder test platform with cyberattack simulation devices is used to verify the correctness and practicality of the proposed method. In this process, a digital cyberattack risk assessment unit is created, contributing to the system-level application of risk management.

engineering, electrical & electronic