Communications on Applied Electronics |
Foundation of Computer Science (FCS), NY, USA |
Volume 7 - Number 35 |
Year of Publication: 2021 |
Authors: Akinwunmi D.A., Gabriel A.J., Oluwadare S.A., Akinyede R.O., Alese B.K. |
10.5120/cae2021652879 |
Akinwunmi D.A., Gabriel A.J., Oluwadare S.A., Akinyede R.O., Alese B.K. . A Fog-based Cyber Security Risk Management System using Bayesian Games. Communications on Applied Electronics. 7, 35 ( Apr 2021), 1-8. DOI=10.5120/cae2021652879
Cyber security is among the most complex and rapidly evolving issues in the society today and has been the focus of most present day organizations. Cyber security risk management is the process of reducing potentially harmful and uncertain events that poses as threat to cyber security. One of the prominent cyber security risk management techniques is the Game Theoretic Approach (GTA). The objective of this research is to develop a cyber-security risk management system using a game theoretic approach in the concept of Fog computing which will encourage proactive management of cyber risks and enhances cyber operational effectiveness and efficiency. In this research, a Cyber Security Risk Management System was developed using Bayesian Game. The algorithm was formulated such that PyQt4 framework serves as a shield to the Fog server. The algorithm checks the server’s CPU utilization, memory utilization, running threads and all logs to the console. The algorithm with the help of Snort performs inline packet inspection and logs any malicious packet to the console and also to a database on the server. The algorithm regularly checks the cached content on the server, reports the size at every point in time and also monitor-connected clients. The algorithm was implemented in Linux Ubuntu Desktop 14 environment using Python programming language. Nmap was used to probe a remote node for its vulnerabilities and Snort was used as a Network- Based Intrusion Detection System (NIDS). Experimental results on Adekunle Ajasin University’s network demonstrate the ability of the system to manage cyber risks in the network. Obtained data on the proposed Cyber Security Risk Management System, formed the basis for the evaluation. The model developed will be useful for managing security risks in a computer network environment.