Abstract

This article presents a percolation-based approach for the analysis of risk propagation, using malware spreading as a showcase example. Conventional risk management is often driven by human (subjective) assessment of how one risk influences the other, respectively, how security incidents can affect subsequent problems in interconnected (sub)systems of an infrastructure. Using percolation theory, a well-established methodology in the fields of epidemiology and disease spreading, a simple simulation-based method is described to assess risk propagation systematically. This simulation is formally analyzed using percolation theory, to obtain closed-form criteria that help predict a pandemic incident propagation (or a propagation with average-case bounded implications). The method is designed as a security decision support tool, e.g., to be used in security operation centers. For that matter, a flexible visualization technique is devised, which is naturally induced by the percolation model and the simulation algorithm that derives from it. The main output of the model is a graphical visualization of the infrastructure (physical or logical topology). This representation uses color codes to indicate the likelihood that problems arise from a security incident that initially occurs at a given point in the system. Large likelihoods for problems thus indicate “hotspots”, where additional action should be taken.

Highlights

  • Risk is a notoriously fuzzy term that describes the possibility of suffering damage, based on expected occurrences of certain incidents

  • Complex enterprise infrastructures may be clustered into local area networks (LANs) that are themselves interconnected by a wide area network (WAN) layer, which may or may not be under the control of the enterprise

  • Incident propagation in such a heterogeneous environment is generally difficult to analyze, since an incident occurring at one point may have (in)direct implications that depend on the system dynamics, and on how the problem’s origin node is “connected” to other parts of the system


Summary

INTRODUCTION

Risk is a notoriously fuzzy term that describes the possibility of suffering damage, based on expected occurrences of certain incidents. Complex enterprise infrastructures may be clustered into local area networks (LANs) that are themselves interconnected by a wide area network (WAN) layer, which may or may not be under the control of the enterprise (e.g., the physical communication services could be outsourced to some external party). Incident propagation in such a heterogeneous environment is generally difficult to analyze, since an incident occurring at one point may have (in)direct implications that depend on the system dynamics, and on how the problem’s origin node is “connected” to other parts of the system. A further example of exactly this kind of information change is the distribution of information between agents in social and market systems (cf. [1], [2]). This is yet another important aspect of risk management, especially when it comes to a company’s reputation and public image. A statistical approach should work with as little data as is there, and should avoid further loss of information by aggregation (as is common in risk assessment, say by taking the overall risk as the maximum risk across all system components).
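The simulation the abstract describes, as an added example that is not the paper's own code: a bond-percolation Monte Carlo over a constructed LAN/WAN topology (two LANs bridged by a gateway, with lower transmission probabilities on the firewalled links), yielding the per-node compromise likelihoods that a heat-map would colour. The topology, edge probabilities and threshold are assumptions chosen for illustration.

```python
import random
from collections import defaultdict

# Constructed topology (not from the paper): two LANs joined through a WAN gateway.
# Each undirected edge carries the probability that an incident at one endpoint
# propagates to the other (the "bond" of bond percolation). Intra-LAN links are
# assumed permissive; the gateway links are assumed to be filtered by firewalls.
EDGES = {
    ("lan1-a", "lan1-b"): 0.8, ("lan1-b", "lan1-c"): 0.8, ("lan1-a", "lan1-c"): 0.8,
    ("lan1-c", "wan-gw"): 0.3,  # weak link: LAN1 -> WAN gateway
    ("wan-gw", "lan2-a"): 0.3,  # weak link: WAN gateway -> LAN2
    ("lan2-a", "lan2-b"): 0.8, ("lan2-b", "lan2-c"): 0.8, ("lan2-a", "lan2-c"): 0.8,
}

def adjacency(edges):
    adj = defaultdict(list)
    for (u, v), p in edges.items():
        adj[u].append((v, p))
        adj[v].append((u, p))
    return adj

def percolate_once(adj, origin, rng):
    """One trial: every edge is open independently with its probability p.
    Returns the set of nodes reachable from the origin through open edges.
    Each edge is sampled at most once, because an edge is only tried from a
    newly reached node towards a node not yet reached."""
    reached, stack = {origin}, [origin]
    while stack:
        u = stack.pop()
        for v, p in adj[u]:
            if v not in reached and rng.random() < p:
                reached.add(v)
                stack.append(v)
    return reached

def compromise_likelihood(edges, origin, trials=5000, rng_seed=1):
    """Monte Carlo estimate of P(node affected | incident starts at origin)
    for every node. These values are what the heat-map colours."""
    adj = adjacency(edges)
    rng = random.Random(rng_seed)  # fixed seed keeps the estimate reproducible
    hits = defaultdict(int)
    for _ in range(trials):
        for n in percolate_once(adj, origin, rng):
            hits[n] += 1
    return {n: hits[n] / trials for n in adj}

def hotspots(likelihood, threshold=0.5):
    """Nodes whose likelihood is at or above the threshold: where to act first."""
    return sorted(n for n, p in likelihood.items() if p >= threshold)
```

With the origin in LAN1, the LAN1 hosts come out around 0.93 while LAN2 hosts stay below 0.1, so the two filtered gateway links are what keep the incident local; raising their probabilities in `EDGES` shows the hotspot set spreading into LAN2.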

Malware Infections and Percolation Theory
Epidemic Models – A Critical Look
THE SIMULATION AND PERCOLATION MODEL
Simulation of Infections
Dealing with Uncertainty
VISUALIZATION BY HEAT-MAPS AND GEO-REFERENCES
CONCLUSION