Call for Paper

CAE solicits original research papers for the October 2021 Edition. Last date of manuscript submission is September 30, 2021.

Read More

A Fog-based Cyber Security Risk Management System using Bayesian Games

Akinwunmi D.A., Gabriel A.J., Oluwadare S.A., Akinyede R.O., Alese B.K.. Published in Security.

Communications on Applied Electronics
Year of Publication: 2021
Publisher: Foundation of Computer Science (FCS), NY, USA
Authors: Akinwunmi D.A., Gabriel A.J., Oluwadare S.A., Akinyede R.O., Alese B.K.
10.5120/cae2021652879

Akinwunmi D.A., Gabriel A.J., Oluwadare S.A., Akinyede R.O. and Alese B.K.. A Fog-based Cyber Security Risk Management System using Bayesian Games. Communications on Applied Electronics 7(35):1-8, April 2021. BibTeX

@article{10.5120/cae2021652879,
	author = {Akinwunmi D.A. and Gabriel A.J. and Oluwadare S.A. and Akinyede R.O. and Alese B.K.},
	title = {A Fog-based Cyber Security Risk Management System using Bayesian Games},
	journal = {Communications on Applied Electronics},
	issue_date = {April 2021},
	volume = {7},
	number = {35},
	month = {Apr},
	year = {2021},
	issn = {2394-4714},
	pages = {1-8},
	numpages = {8},
	url = {http://www.caeaccess.org/archives/volume7/number35/876-2021652879},
	doi = {10.5120/cae2021652879},
	publisher = {Foundation of Computer Science (FCS), NY, USA},
	address = {New York, USA}
}

Abstract

Cyber security is among the most complex and rapidly evolving issues in the society today and has been the focus of most present day organizations. Cyber security risk management is the process of reducing potentially harmful and uncertain events that poses as threat to cyber security. One of the prominent cyber security risk management techniques is the Game Theoretic Approach (GTA). The objective of this research is to develop a cyber-security risk management system using a game theoretic approach in the concept of Fog computing which will encourage proactive management of cyber risks and enhances cyber operational effectiveness and efficiency. In this research, a Cyber Security Risk Management System was developed using Bayesian Game. The algorithm was formulated such that PyQt4 framework serves as a shield to the Fog server. The algorithm checks the server’s CPU utilization, memory utilization, running threads and all logs to the console. The algorithm with the help of Snort performs inline packet inspection and logs any malicious packet to the console and also to a database on the server. The algorithm regularly checks the cached content on the server, reports the size at every point in time and also monitor-connected clients. The algorithm was implemented in Linux Ubuntu Desktop 14 environment using Python programming language. Nmap was used to probe a remote node for its vulnerabilities and Snort was used as a Network- Based Intrusion Detection System (NIDS). Experimental results on Adekunle Ajasin University’s network demonstrate the ability of the system to manage cyber risks in the network. Obtained data on the proposed Cyber Security Risk Management System, formed the basis for the evaluation. The model developed will be useful for managing security risks in a computer network environment.

References

  1. Gabriel A. J., Adetunmbi A. O., Obaila P. 2020. A Two-Layer Image-Steganography System for Covert Communication over Enterprise Network. In: Gervasi O. et al. (eds). Lecture Notes in Computer Science, vol 12254 pp. 459-470. Springer Nature Switzerland. https://doi.org/10.1007/978-3-030-58817-5_34
  2. Lewis, J. A. 2002. Assessing the Risks of Cyber Terrorism, Cyber War and Other Cyber Threats. Center for Strategic and International Studies (CSIS).
  3. Alese B. K., Gabriel A. J., Ayodele T. and Akinsowon O. A. 2016 “Cost-Benefit Analysis of Cyber-Security Systems”. Proceedings of the World Congress on Engineering and Computer Science 2016. Vol I, WCECS 2016, October 19-21, 2016, San Francisco.
  4. Alese, B.K., Gabriel A. J., Olukayode O. and Daramola O.A. 2014. Modelling of Risk Management Procedures for Cybercrime Control Systems; The 2014 International Conference of Information Security and Internet Engineering; World Congress on Engineering, ISBN 978-988-19252-7-7; 505-509.
  5. Stoneburner, G., Goguen, A. and Feringa, A. 2002. Risk Management Guide for Information Technology Systems—NIST Special Publication 800-30. Technical Report, National Institute of Standards and Technology, (July).
  6. Gabriel, A.J., Darwish, A. and Hassanien, A.E., 2021. Cyber Security in the Age of COVID-19. Digital Transformation and Emerging Technologies for Fighting COVID-19 Pandemic: Innovative Approaches, pp.275-295. Springer. DOI:10.1007/978-3-030-63307-3_18
  7. Gueye, A. 2011. A Game Theoretical Approach to Communication Security. University of California, Berkeley, PhD Thesis.
  8. Roy, S., Ellis, C., Shiva, S., Dasgupta, D., Shandilya, V. and Wu, Q. 2010. A Survey of Game Theory as Applied to Network Security. Proc. of the 43rd Hawaii International Conference System Sciences (HICSS), Hawaii..
  9. Alese, B. K., Iwasokun, G. B. and Haruna, D. I. 2013. DGM Approach to Network Attacker and Defender Strategies. In ’Information Security’ A Conference Proceedings on International Conference for Internet World Congress on Internet Security Technologies and Secured Transactions ICITST.
  10. Ibidunmoye, E.O., Alese, B. K. and Ogundele, O. S. 2013. Modeling Attacker-Defender Interaction as a Zero- Sum Stochastic Game. Journal of Computer Sciences and Applications, 1(2), 27–32.
  11. Garg, S. and Aujla, G. S. 2014. An Attack Tree Based Comprehensive Framework for the Risk and Security Assessment of VANET using the Concepts of Game Theory and Fuzzy Logic. Journal of Emerging Technologies In Web Intelligence, 6(2).
  12. Kamhoua, C., Martin, A., Tosh, D. K., Kwiat, K. A., Heitzenrater, C., and Sengupta, S. 2015. Cyber-threats Information Sharing in Cloud Computing : A game Theoretic Approach, 382–389. DOI: 10.1109/CSCloud.2015.80.
  13. Maghrabi, L. 2015. Moving Assets to the Cloud : A Game Theoretic Approach Based on Trust.
  14. Garg, S. and Aujla, G. S. 2016. Accessing Risk Priority of SSL SYN Attack using Game Theoretic Attack Defense Tree Model for VANETs, 729–734.
  15. Wei, L., Sarwat, A., and Saad, W. 2016. Risk Assessment of Coordinated Cyber-Physical Attacks Against Power Grids : A Stochastic Game Approach, 1.
  16. Musman, S. and Turner, A. 2017. A game theoretic approach to cyber security risk management. Journal of Defense Modeling and Simulation: Applications, Methodology, Technology, (Special). DOI: 10.1177/1548512917699724.
  17. Razouk, W., Sgandurra, D. and Sakurai, K. 2017. A New Security Middleware Architecture, Based on Fog Computing and Cloud To Support IoT Constrained Devices. In IML ’17: International Conference on Internet of Things and Machine Learning, October 17–18, 2017, Liverpool, United Kingdom. ACM, New York, NY, USA, Article 143, 8 pages. DOI: 10.1145/3109761.3158413.
  18. Sun, Y., Lin, F .and Zhang, N. 2018. “A security mechanism based on evolutionary game in fog computing” Saudi Journal of Biological Sciences 25 (2018) 237–241.
  19. Netland, L. 2008. Assessing and Mitigating Risks in Computer Systems, PhD Thesis at the University of Bergen, Norway.

Keywords

Fog Computing, Cyber Security, Fog Computing, Game Theory, Risk Management