Projects per year
Abstract
Traditional risk management produces a rather static listing of weaknesses, probabilities and mitigations. Large share of cyber security risks realize through computer networks. These attacks or attack attempts produce events that are detected by various monitoring techniques such as Intrusion Detection Systems (IDS). Often the link between detecting these potentially dangerous real-time events and risk management process is lacking, or completely missing. This paper presents means for transferring and visualizing the network events in the risk management instantly with a tool called Metrics Visualization System (MVS). The tool is used to dynamically visualize network security events of a Terrestrial Trunked Radio (TETRA) network running in Software Defined Networking (SDN) context as a case study. Visualizations are presented with a treelike graph, that gives a quick easily understandable overview of the cyber security situation. This paper also discusses what network security events are monitored and how they affect the more general risk levels. The major benefit of this approach is that the risk analyst is able to map the designed risk tree/security metrics into actual real-time events and view the system's security posture with the help of a runtime visualization view.
Original language | English |
---|---|
Title of host publication | ECSA '18 |
Subtitle of host publication | Proceedings of the 12th European Conference on Software Architecture |
Publisher | Association for Computing Machinery ACM |
ISBN (Electronic) | 978-1-4503-6483-6 |
DOIs | |
Publication status | Published - 24 Sept 2018 |
MoE publication type | Not Eligible |
Event | 12th European Conference on Software Architecture, ECSA 2018 - Madrid, Spain Duration: 24 Sept 2018 → 28 Sept 2018 Conference number: 12 |
Conference
Conference | 12th European Conference on Software Architecture, ECSA 2018 |
---|---|
Abbreviated title | ECSA 2018 |
Country/Territory | Spain |
City | Madrid |
Period | 24/09/18 → 28/09/18 |
Keywords
- Anomaly detection
- Risk analysis
- Risk management
- Situational awareness
- Visualization
Fingerprint
Dive into the research topics of 'Combining real-time risk visualization and anomaly detection'. Together they form a unique fingerprint.Projects
- 1 Finished
-
SENDATE-PLANETS: Secure Networking for a Data Center Cloud in Europe
Savolainen, P. (Manager), Savola, R. (Manager), Vähä-Heikkilä, T. (Owner) & Honka, H. (Participant)
1/04/16 → 30/04/19
Project: Business Finland project