Shancang Li Shancang.Li@uwe.ac.uk
Senior Lecturer in Computer Forensics and Security
Risk Assessment for Mobile Systems Through a Multilayered Hierarchical Bayesian Network
Li, Shancang; Tryfonas, Theo; Russell, Gordon; Andriotis, Panagiotis
Authors
Theo Tryfonas
Gordon Russell
Dr Panos Andriotis Panagiotis.Andriotis@uwe.ac.uk
Senior Lecturer in Computer Forensics and Security
Abstract
© 2015 IEEE. Mobile systems are facing a number of application vulnerabilities that can be combined together and utilized to penetrate systems with devastating impact. When assessing the overall security of a mobile system, it is important to assess the security risks posed by each mobile applications (apps), thus gaining a stronger understanding of any vulnerabilities present. This paper aims at developing a three-layer framework that assesses the potential risks which apps introduce within the Android mobile systems. A Bayesian risk graphical model is proposed to evaluate risk propagation in a layered risk architecture. By integrating static analysis, dynamic analysis, and behavior analysis in a hierarchical framework, the risks and their propagation through each layer are well modeled by the Bayesian risk graph, which can quantitatively analyze risks faced to both apps and mobile systems. The proposed hierarchical Bayesian risk graph model offers a novel way to investigate the security risks in mobile environment and enables users and administrators to evaluate the potential risks. This strategy allows to strengthen both app security as well as the security of the entire system.
Citation
Li, S., Tryfonas, T., Russell, G., & Andriotis, P. (2016). Risk Assessment for Mobile Systems Through a Multilayered Hierarchical Bayesian Network. IEEE Transactions on Cybernetics, 46(8), 1749-1759. https://doi.org/10.1109/TCYB.2016.2537649
Journal Article Type | Article |
---|---|
Acceptance Date | Feb 20, 2016 |
Online Publication Date | Apr 4, 2016 |
Publication Date | Aug 1, 2016 |
Deposit Date | Sep 7, 2016 |
Publicly Available Date | Mar 29, 2024 |
Journal | IEEE Transactions on Cybernetics |
Print ISSN | 2168-2267 |
Publisher | Institute of Electrical and Electronics Engineers |
Peer Reviewed | Peer Reviewed |
Volume | 46 |
Issue | 8 |
Pages | 1749-1759 |
DOI | https://doi.org/10.1109/TCYB.2016.2537649 |
Keywords | mobile communication, security, Bayes methods, analytical models, risk management, hidden Markov models, Android malware, Bayesian risks graphs, mobile security, risk assessment |
Public URL | https://uwe-repository.worktribe.com/output/920771 |
Publisher URL | http://dx.doi.org/10.1109/TCYB.2016.2537649 |
Additional Information | Additional Information : © 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. |
Files
Manuscript_Final.pdf
(1.5 Mb)
PDF
You might also like
Bu-Dash: A universal and dynamic graphical password scheme
(2022)
Conference Proceeding
Feature vulnerability and robustness assessment against adversarial machine learning attacks
(2021)
Conference Proceeding
To allow, or deny? That is the question
(2020)
Conference Proceeding
Dataset: To Allow, or Deny? That is the Question
(2019)
Dataset
Downloadable Citations
About UWE Bristol Research Repository
Administrator e-mail: repository@uwe.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search