Litcius/Paper detail

Security Threat Modelling With Bayesian Networks and Sensitivity Analysis for IAAS Virtualization Stack

B. Asvija, R. Eswari, M. B. Bijoy

2021Journal of Organizational and End User Computing13 citationsDOIOpen Access PDF

Abstract

Designing security mechanisms for cloud computing infrastructures has assumed importance with the widespread adoption of public clouds. Virtualization security is a crucial component of the overall cloud infrastructure security. In this article, the authors employ the concept of Bayesian networks and attack graphs to carry out sensitivity analysis on the different components involved in virtualization security for infrastructure as a service (IaaS) cloud infrastructures. They evaluate the Bayesian attack graph (BAG) for the IaaS model to reveal the sensitive regions and thus help the administrators to secure the high risk components in the stack. They present a formal definition of the sensitivity analysis and then evaluate using the BAG model for IaaS stack. The model and analysis presented here can also be used by security analysts and designers to make a selection of the security solutions based on the risk profile of vulnerable nodes and the corresponding cost involved in adding a defense against the identified vulnerabilities.

Topics & Concepts

Computer scienceVirtualizationCloud computingComputer securityCloud computing securitySensitivity (control systems)Computer security modelSecurity analysisComponent (thermodynamics)Distributed computingOperating systemEngineeringThermodynamicsElectronic engineeringPhysicsInformation and Cyber SecurityBayesian Modeling and Causal InferenceSoftware Reliability and Analysis Research
Security Threat Modelling With Bayesian Networks and Sensitivity Analysis for IAAS Virtualization Stack | Litcius