Technical gazette, Vol. 31 No. 2, 2024.
Original scientific paper
https://doi.org/10.17559/TV-20230328000486
Computer Vision-Based Risk Assessment on Heterogeneous Mobile Network Operating Environments
Youngjun Kim
; Busan University of Foreign Studies, 46234 65, Geumsaem-ro 485-gil, Geumjeong-gu, Busan, Republic of Korea
Namkyun Baik
; Duksung Women’s University, 01369 Samyang-ro, Dobong-gu, Seoul, Republic of Korea
*
* Corresponding author.
Abstract
In order to logically prioritize the urgent risks in the heterogeneous mobile network operating environment, we derive environmental factors that can reflect the characteristics of the heterogeneous network operating environment and present them as an improved security risk assessment formula. The prioritized risks derived through this improved risk assessment formula can visually express the severity of the risk by using computer vision. The purpose of this study was to derive environmental factors that can reflect the security control characteristics of various heterogeneous network operating environments and to apply them to security risk evaluation formulas to prioritize urgent risks and easily identify the degree of security risks. In the existing risk assessment formula, risk is calculated based on three indices: the importance of the asset, the vulnerability score, and the threat score. However, two problems were derived from the existing risk assessment. First, the existing risk assessment formula is insufficient to reflect the controlled environment characteristics of each network because the risk level is calculated based on individual assets. Second, if the same systems with the same purpose (same settings) are operated in different heterogeneous network operating environments, they are counted at the same risk level, and action cannot be prioritized quickly. To solve these problems, we propose an indicator called environmental factor (E), which is a combination of three indices. The three indices are "Network Diversity Index (NDI), network Zone Separation Index (ZSI) and Control Level Index (CLI)". NDI expressed the diversity of networks numerically. ZSI is a numerical expression of the complexity of the network zone. CLI is a numerical expression of the degree of network control level. Results of the study showed that the risk assessment formula applying the proposed risk assessment factors can quickly identify urgent risks and act quickly. In heterogeneous mobile network operating environment in which numerous systems are operated, really urgent risks among the risks calculated through the proposed risk assessment will be handled quickly and logically.
Keywords
heterogeneous network; quantitative risk model; risk analysis; risk assessment; risk management
Hrčak ID:
314827
URI
Publication date:
29.2.2024.
Visits: 740 *