Abstract
Cyber-physical systems (CPS) are vulnerable to network attacks because communication relies on the network that links the various components in the CPS. The importance of network security is self-evident. In this study, we conduct a network security risk assessment from the perspectives of the host and the network, and we propose a new framework for a multidimensional network security risk assessment that includes two stages, i.e., risk identification and risk calculation. For the risk identification stage, we propose a multidimensional hierarchical index system for assessing cybersecurity risk; the system's security status is determined in three dimensions, i.e., basic operation, vulnerabilities, and threats, and these dimensions guide the data collection. In the risk calculation stage, we use a hidden Markov model (HMM) to assess the network security risk. We provide a new definition of the quality of alert and optimize the observation sequence of the HMM. The model uses a learning algorithm instead of setting the parameters manually. We introduce the concept of network node association to increase the reliability and accuracy of the risk assessment. The simulation results show that the proposed index system provides quantitative data that reflect the security status of the network. The proposed network security risk assessment method based on the improved HMM (I-HMM) reflects the security risk status in a timely and intuitive manner and detects the degree of risk that different hosts pose to the network.
Highlights
Cyber-physical systems (CPS) are complex systems that use sensors, computing and network technology for computation, communication and control to link the physical world and the network
The proposed risk assessment method based on the I-hidden Markov model (HMM) calculated the network security risk value of the host layer and the network layer
We provided a new definition for the quality of the alert (QoA), optimized the acquisition of the observation sequences, and used the Baum-Welch algorithm to obtain the model parameters to improve parameter acquisition
Summary
Cyber-physical systems (CPS) are complex systems that use sensors, computing and network technology for computation, communication and control to link the physical world and the network. In contrast to other research [26]–[28], we propose a multidimensional hierarchical indicator system for assessing network security risk. The indicator system determines the security status in three dimensions including basic operation, vulnerabilities, and threats. The remainder of this paper is organized as follows: Section II introduces the multidimensional hierarchical indicator system for assessing network security risk in the three dimensions. MULTIDIMENSIONAL HIERARCHICAL NETWORK INDICATOR SYSTEM FOR SECURITY RISK ASSESSMENT. We propose a multidimensional hierarchical indicator system for assessing network security risk. The network security risk assessment value R is a comprehensive indicator that considers various factors. C. INDICATOR OF THE THREAT DIMENSION We use the open-source security tool Snort to detect and collect security incident information and obtain statistics of the incidents to determine the threat dimension value.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
