Abstract
While recent advances in data science and machine learning attract a lot of attention in cyber security because of their promise for effective security analytics, the areas of vulnerability analysis, risk assessment, and security policy validation remain somewhat on the sidelines. This is mainly due to the relatively slow progress in the theoretical formulation and the technological foundation of cyber security concepts such as logical vulnerability, threats, and risks. In this article, we propose a framework for logical analysis, threat intelligence, and validation of security policies in cyber systems. It is based on a multi-level model consisting of an ontology of situations and actions under security threats, the security policies governing the security-related activities, and a graph of the transactions. The framework is validated using a set of scenarios describing the most common security threats in digital banking, and a prototype of an event-driven engine for navigation through the intelligence graphs has been implemented. Although the framework was developed specifically for application in digital banking, the authors believe that it has much wider applicability to security policy analysis, threat intelligence, and security by design of cyber systems for financial, commercial, and business operations.
Acknowledgements
The work reported here has been carried out at the Cyber Security Research Centre of London Metropolitan University. It was initiated in collaboration with Lloyds Banking Group to investigate the logical vulnerabilities in cross-channel banking. It was granted support from UK DCMS under Cyber ASAP program. It continues under a project dedicated to threat intelligence funded by Lloyds, but all examples in the paper are solely for the purpose of illustration and do not use any internal data from the bank. Any concepts, ideas, and opinions formulated by the authors in this article are not associated with the current security practices of Lloyds Banking Group.
Copyright information
© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Vassilev, V., Sowinski-Mydlarz, V., Gasiorowski, P., Ouazzane, K., Phipps, A. (2021). Intelligence Graphs for Threat Intelligence and Security Policy Validation of Cyber Systems. In: Bansal, P., Tushir, M., Balas, V., Srivastava, R. (eds) Proceedings of International Conference on Artificial Intelligence and Applications. Advances in Intelligent Systems and Computing, vol 1164. Springer, Singapore. https://doi.org/10.1007/978-981-15-4992-2_13
DOI: https://doi.org/10.1007/978-981-15-4992-2_13
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-4991-5
Online ISBN: 978-981-15-4992-2
eBook Packages: Intelligent Technologies and Robotics, Intelligent Technologies and Robotics (R0)