A Proactive and Time-Sensitive Cyber Risk Assessment Model Integrating Markov Chains and Bayesian Networks

A Proactive and Time-Sensitive Cyber Risk Assessment Model Integrating Markov Chains and Bayesian Networks

As cyberattacks grow in complexity, they pose increasing threats to organizations reliant on networked infrastructures. Conventional risk assessment methodologies often fail to adapt to the evolving nature of these threats. This paper introduces a novel cyber risk assessment model that adopts a proa...

Full description

Saved in:
Bibliographic Details
Main Authors: Pavlos Cheimonidis, Konstantinos Rantos
Format: Article
Language:English
Published: IEEE 2025-01-01
Series:IEEE Access
Subjects:
Bayesian-networks
cyber risk assessment
cybersecurity
dynamic risk assessment
industrial-control-systems
Markov-chain
Online Access:https://ieeexplore.ieee.org/document/11018330/
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:As cyberattacks grow in complexity, they pose increasing threats to organizations reliant on networked infrastructures. Conventional risk assessment methodologies often fail to adapt to the evolving nature of these threats. This paper introduces a novel cyber risk assessment model that adopts a proactive, dynamic, and time-aware approach to evaluating security risks. The proposed model leverages the Exploit Prediction Scoring System (EPSS) to estimate the short-term likelihood of exploitation over a 30-day period. To improve accuracy, Bayesian networks are employed to capture both system vulnerabilities and asset interdependencies within the network. This information is integrated into an absorbing Markov chain along with the identified attack paths, which are explored using Depth-First Search (DFS). The model generates exploitation probability distributions over the predefined time window, which, when combined with asset impact, facilitates dynamic, proactive, and time-sensitive risk assessments. Additionally, it provides valuable insights into attack progression by estimating the time required for an adversary to compromise critical assets. To demonstrate the practical applicability of the model, a case study is presented, showcasing its effectiveness in assessing cyber risks within a SCADA environment.
ISSN:2169-3536

Similar Items