This article presents a new method of risk propagation among associated elements. On the basis of coloured Petri nets, a new class called propagation nets is defined. This class provides a formal model of a risk propagation. The proposed method allows for model relations between nodes forming the network structure. Additionally, it takes into account the bidirectional relations between components as well as relations between isomorphic, symmetrical components in various branches of the network. This method is agnostic in terms of use in various systems and it can be adapted to the propagation model of any systems’ characteristics; however, it is intentionally proposed to assess the risk of critical infrastructures. In this paper, as a proof of concept example, we show the formal model of risk propagation proposed within the project Cyberspace Security Threats Evaluation System of the Republic of Poland. In the article, the idea of the method is presented as well as its use case for evaluation of risk for cyber threats. With the adaptation of Petri nets, it is possible to evaluate the risk for the particular node and assess the impact of this risk for all related nodes including hierarchic relations of components as well as isomorphism of elements.
Marcin Szpyrka; Bartosz Jasiul. Evaluation of Cyber Security and Modelling of Risk Propagation with Petri Nets. Symmetry 2017, 9, 32.
AMA Style: Marcin Szpyrka, Bartosz Jasiul. Evaluation of Cyber Security and Modelling of Risk Propagation with Petri Nets. Symmetry. 2017; 9(3):32.
Chicago/Turabian Style: Marcin Szpyrka; Bartosz Jasiul. 2017. "Evaluation of Cyber Security and Modelling of Risk Propagation with Petri Nets." Symmetry 9, no. 3: 32.
Data mining is an interdisciplinary subfield of computer science involving methods at the intersection of artificial intelligence, machine learning and statistics. One of the data mining tasks is anomaly detection which is the analysis of large quantities of data to identify items, events or observations which do not conform to an expected pattern. Anomaly detection is applicable in a variety of domains, e.g., fraud detection, fault detection, system health monitoring but this article focuses on application of anomaly detection in the field of network intrusion detection. The main goal of the article is to prove that an entropy-based approach is suitable to detect modern botnet-like malware based on anomalous patterns in network. This aim is achieved by realization of the following points: (i) preparation of a concept of original entropy-based network anomaly detection method, (ii) implementation of the method, (iii) preparation of original dataset, (iv) evaluation of the method.
Przemysław Bereziński; Bartosz Jasiul; Marcin Szpyrka. An Entropy-Based Network Anomaly Detection Method. Entropy 2015, 17, 2367-2408.
AMA Style: Przemysław Bereziński, Bartosz Jasiul, Marcin Szpyrka. An Entropy-Based Network Anomaly Detection Method. Entropy. 2015; 17(4):2367-2408.
Chicago/Turabian Style: Przemysław Bereziński; Bartosz Jasiul; Marcin Szpyrka. 2015. "An Entropy-Based Network Anomaly Detection Method." Entropy 17, no. 4: 2367-2408.
We propose a formal modeling method of malicious software that supports its detection and countermeasure. In order to detect malware, there is a need to possess either digital signatures or behavioral models. As the obfuscation techniques make the malware almost undetectable, the classic signature-based anti-virus tools must be supported by behavioral analysis. A malware hunting tool we developed is based on the formal models in the form of Colored Petri nets, and the attitude to modeling is presented in this article.
Bartosz Jasiul; Marcin Szpyrka; Joanna Śliwa. Formal Specification of Malware Models in the Form of Colored Petri Nets. Lecture Notes in Electrical Engineering 2015, 330, 475-482.
AMA Style: Bartosz Jasiul, Marcin Szpyrka, Joanna Śliwa. Formal Specification of Malware Models in the Form of Colored Petri Nets. Lecture Notes in Electrical Engineering. 2015; 330:475-482.
Chicago/Turabian Style: Bartosz Jasiul; Marcin Szpyrka; Joanna Śliwa. 2015. "Formal Specification of Malware Models in the Form of Colored Petri Nets." Lecture Notes in Electrical Engineering 330: 475-482.
The aim of this article is to present an approach to develop and verify a method of formal modeling of cyber threats directed at computer systems. Moreover, the goal is to prove that the method enables one to create models resembling the behavior of malware that support the detection process of selected cyber attacks and facilitate the application of countermeasures. The most common cyber threats targeting end users and terminals are caused by malicious software, called malware. The malware detection process can be performed either by matching their digital signatures or analyzing their behavioral models. As the obfuscation techniques make the malware almost undetectable, the classic signature-based anti-virus tools must be supported with behavioral analysis. The proposed approach to modeling of malware behavior is based on colored Petri nets. This article is addressed to cyber defense researchers, security architects and developers solving up-to-date problems regarding the detection and prevention of advanced persistent threats.
Bartosz Jasiul; Marcin Szpyrka; Joanna Sliwa. Detection and Modeling of Cyber Attacks with Petri Nets. Entropy 2014, 16, 6602-6623.
AMA Style: Bartosz Jasiul, Marcin Szpyrka, Joanna Sliwa. Detection and Modeling of Cyber Attacks with Petri Nets. Entropy. 2014; 16(12):6602-6623.
Chicago/Turabian Style: Bartosz Jasiul; Marcin Szpyrka; Joanna Sliwa. 2014. "Detection and Modeling of Cyber Attacks with Petri Nets." Entropy 16, no. 12: 6602-6623.
We propose a solution which provides a system operator with valuation of security risk introduced by various components of the communication and information system. This risk signature of the system enables the operator to make an informed decision about which network elements shall be used in order to provide a service requested by the user while minimising security risk related to service execution. In the considered scenario, transmitted data can be intercepted, modified or dropped by an attacker. Each network component and path can be potentially used to compromise information, since an adversary is able to utilise various vulnerabilities of network elements in order to perform an attack. The impact and probability of such successful attacks can be assessed by analysing the severity of the vulnerabilities and the difficulty of exploiting them, including the required equipment and knowledge. In consequence, each possible service work-flow can be assigned a security risk signature.
Marcin Szpyrka; Bartosz Jasiul; Konrad Wrona; Filip Dziedzic. Telecommunications Networks Risk Assessment with Bayesian Networks. Computer Vision 2013, 277-288.
AMA Style: Marcin Szpyrka, Bartosz Jasiul, Konrad Wrona, Filip Dziedzic. Telecommunications Networks Risk Assessment with Bayesian Networks. Computer Vision. 2013; 277-288.
Chicago/Turabian Style: Marcin Szpyrka; Bartosz Jasiul; Konrad Wrona; Filip Dziedzic. 2013. "Telecommunications Networks Risk Assessment with Bayesian Networks." Computer Vision: 277-288.