Abstract | ||
---|---|---|
Traditional risk assessment methods have problems with the subjectivity of assessors and inaccuracy of vulnerability detection, which leads to unreliable and non-quantitative assessment results. To address these problems, this paper proposed a method to assess system risk based on software behavior. The behavior of untrusted software calling is necessarily associated with system risk, specifically, the larger the number and scope of untrusted software called, the higher risk the system faces, and vice versa. In other words, illegal operation of computers is the specific form of system risk and there is a probabilistic correlation between them. Because the number and scope of untrusted software calling can be accurately measured while risk level cannot be observed directly, this paper used a quantitative analysis method (HMM) to assess the system risk level, which ensures objectivity and accuracy of results. Furthermore, this paper analyzed and explained the risk assessment method based on software behavior through experiments. |
Year | DOI | Venue |
---|---|---|
2019 | 10.1109/ISI.2019.8823394 | 2019 IEEE International Conference on Intelligence and Security Informatics (ISI) |
Keywords | Field | DocType |
risk assessment,untrusted software behavior,HMM,quantification | Risk level,Data mining,Software behavior,Computer science,Risk assessment,Software,Probabilistic logic,Hidden Markov model,Vulnerability detection | Conference |
ISBN | Citations | PageRank |
978-1-7281-2505-3 | 0 | 0.34 |
References | Authors | |
0 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Guorong Chen | 1 | 0 | 0.34 |
Kun Wang | 2 | 79 | 14.33 |
Jian Tan | 3 | 0 | 0.34 |
Xiaoyong Li | 4 | 228 | 28.07 |