Threat-oriented security framework in risk management using multiagent system

SUMMARYPresent day sophisticated and innovative attacks have resulted in exponentially increasing security problems. This paper therefore presents a three‐phased threat‐oriented security model to meet the above security challenges as a part of proactive risk management. This model is based on a spir...

Full description

Saved in:
Bibliographic Details
Published in:Software, practice & experience practice & experience, 2013-09, Vol.43 (9), p.1013-1038
Main Authors: Bedi, Punam, Gandotra, Vandana, Singhal, Archana, Narang, Himanshi, Sharma, Sumit
Format: Article
Language:English
Subjects:
fuzzy logic
meta-agents
multiagent system planning
Multiagent systems
proactive risk management
Reproduction
research honeytokens
Risk
Risk management
Security
Servers
Software development
Spirals
statistical model
threat-oriented security model
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:SUMMARYPresent day sophisticated and innovative attacks have resulted in exponentially increasing security problems. This paper therefore presents a three‐phased threat‐oriented security model to meet the above security challenges as a part of proactive risk management. This model is based on a spiral process for software development because it is a risk driven approach and provides an incremental method for a progressively growing system with decreasing risk. Integration of threat management during the development process in the proposed work provides necessary security cover against both unforeseen and known threats. Identification of these threats has been made possible by fusion of a threat modeling process and research honeytokens in conjunction with a statistical model in the first phase. Necessary security measures to mitigate the above identified threats have been adopted in the second phase using multiagent system planning. Risk reduction as a result of adoption of countermeasures has been evaluated in the third phase using meta‐agents in association with fuzzy logic in a multiagent environment. The proposed proactive measures of this model have been demonstrated with a case study on ‘Online Banking’ to show its feasibility and has been implemented using Java Agent Development Environment, Apache Tomcat Server, with MySQL Server at the backend. Copyright © 2012 John Wiley & Sons, Ltd.
ISSN:0038-0644
1097-024X
DOI:10.1002/spe.2133