Skip to the main content

Original scientific paper

https://doi.org/10.24138/jcomss-2023-0128

A Methodology for Dynamic Security Risks Assessment in Interconnected IT Systems

Seraj Fayyad ; Al-Zaytoonah University of Jordan, Amman, Jordan *
Ahmad Alkhatib ; Al-Zaytoonah University of Jordan, Amman, Jordan
Farhan Abdel-Fattah ; Al-Zaytoonah University of Jordan, Amman, Jordan
Hani Almimi ; Al-Zaytoonah University of Jordan, Amman, Jordan

* Corresponding author.


Full text: english pdf 3.003 Kb

page 13-22

downloads: 243

cite


Abstract

The network of any IT system is subject to continuous changes, such as the addition of new nodes, software installations, and the emergence of new vulnerabilities. On the other hand, the importance of nodes within the IT system’s network varies due to various factors, impacting the severity of potential node exploitation. Additionally, the interconnected nature of the nodes means that the security of each node is interdependent on the others nodes. In this context, effective risk assessment methodologies that consider the factors which impact the security of the system are crucial. This paper introduces an innovative methodology that takes into account the aforementioned factors. The proposed approach evaluates vulnerabilities, interconnections, and dynamic changes to deliver a comprehensive and up-to-date security risk assessment. By employing this methodology, administrators gain better control over system security with dynamic evaluations that support well-informed decisions. Furthermore, the methodology facilitates risk assessment for specific nodes and enables the quantification of their security levels. Due to a thorough assessment, the proposed methodology empowers IT administrators to improve the overall security of the system.

Keywords

Risk assessment; Interconnections; Attack graph; IDS; node important degree; Security risks; Impact of changes; Quantifying security implications; Exploitability; Security control

Hrčak ID:

314240

URI

https://hrcak.srce.hr/314240

Publication date:

15.1.2024.

Visits: 725 *