Loading…
Threat-oriented security framework in risk management using multiagent system
SUMMARYPresent day sophisticated and innovative attacks have resulted in exponentially increasing security problems. This paper therefore presents a three‐phased threat‐oriented security model to meet the above security challenges as a part of proactive risk management. This model is based on a spir...
Saved in:
| Published in: | Software, practice & experience practice & experience, 2013-09, Vol.43 (9), p.1013-1038 |
|---|---|
| Main Authors: | , , , , |
| Format: | Article |
| Language: | English |
| Subjects: | |
| Citations: | Items that this one cites Items that cite this one |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | cdi_FETCH-LOGICAL-c3983-322918ff59d4e55cd7616fde5e1df5bf347006379a7b754c29a0de7ecd60d9433 |
|---|---|
| cites | cdi_FETCH-LOGICAL-c3983-322918ff59d4e55cd7616fde5e1df5bf347006379a7b754c29a0de7ecd60d9433 |
| container_end_page | 1038 |
| container_issue | 9 |
| container_start_page | 1013 |
| container_title | Software, practice & experience |
| container_volume | 43 |
| creator | Bedi, Punam Gandotra, Vandana Singhal, Archana Narang, Himanshi Sharma, Sumit |
| description | SUMMARYPresent day sophisticated and innovative attacks have resulted in exponentially increasing security problems. This paper therefore presents a three‐phased threat‐oriented security model to meet the above security challenges as a part of proactive risk management. This model is based on a spiral process for software development because it is a risk driven approach and provides an incremental method for a progressively growing system with decreasing risk. Integration of threat management during the development process in the proposed work provides necessary security cover against both unforeseen and known threats. Identification of these threats has been made possible by fusion of a threat modeling process and research honeytokens in conjunction with a statistical model in the first phase. Necessary security measures to mitigate the above identified threats have been adopted in the second phase using multiagent system planning. Risk reduction as a result of adoption of countermeasures has been evaluated in the third phase using meta‐agents in association with fuzzy logic in a multiagent environment. The proposed proactive measures of this model have been demonstrated with a case study on ‘Online Banking’ to show its feasibility and has been implemented using Java Agent Development Environment, Apache Tomcat Server, with MySQL Server at the backend. Copyright © 2012 John Wiley & Sons, Ltd. |
| doi_str_mv | 10.1002/spe.2133 |
| format | article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_miscellaneous_1671391625</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>3036211471</sourcerecordid><originalsourceid>FETCH-LOGICAL-c3983-322918ff59d4e55cd7616fde5e1df5bf347006379a7b754c29a0de7ecd60d9433</originalsourceid><addsrcrecordid>eNp10ElLxEAQBeBGFBxHwZ8Q8OIlWtXr5Cju4Aaj6K1pk4q2k2XsThjn3xtRFAVPBY-PR_EY20bYQwC-H-e0x1GIFTZCyEwKXD6sshGAmKSgpVxnGzG-ACAqrkfs8vY5kOvSNnhqOiqSSHkffLdMyuBqWrRhlvgmCT7Okto17onqwSV99M1TUvdV54doCOIydlRvsrXSVZG2vu6Y3Z0c3x6epRfXp-eHBxdpLrKJSAXnGU7KUmWFJKXywmjUZUGKsCjVYymkAdDCZM48GiVznjkoyFBeaCgyKcSY7X72zkP72lPsbO1jTlXlGmr7aFEbFBlqrga684e-tH1ohu8sSjQK5QThpzAPbYyBSjsPvnZhaRHsx6522NV-7DrQ9JMufEXLf52d3hz_9n5Y6O3buzCz2gij7P3VqT06meqplNyCeAc3aogk</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>1417514810</pqid></control><display><type>article</type><title>Threat-oriented security framework in risk management using multiagent system</title><source>Wiley:Jisc Collections:Wiley Read and Publish Open Access 2024-2025 (reading list)</source><creator>Bedi, Punam ; Gandotra, Vandana ; Singhal, Archana ; Narang, Himanshi ; Sharma, Sumit</creator><creatorcontrib>Bedi, Punam ; Gandotra, Vandana ; Singhal, Archana ; Narang, Himanshi ; Sharma, Sumit</creatorcontrib><description>SUMMARYPresent day sophisticated and innovative attacks have resulted in exponentially increasing security problems. This paper therefore presents a three‐phased threat‐oriented security model to meet the above security challenges as a part of proactive risk management. This model is based on a spiral process for software development because it is a risk driven approach and provides an incremental method for a progressively growing system with decreasing risk. Integration of threat management during the development process in the proposed work provides necessary security cover against both unforeseen and known threats. Identification of these threats has been made possible by fusion of a threat modeling process and research honeytokens in conjunction with a statistical model in the first phase. Necessary security measures to mitigate the above identified threats have been adopted in the second phase using multiagent system planning. Risk reduction as a result of adoption of countermeasures has been evaluated in the third phase using meta‐agents in association with fuzzy logic in a multiagent environment. The proposed proactive measures of this model have been demonstrated with a case study on ‘Online Banking’ to show its feasibility and has been implemented using Java Agent Development Environment, Apache Tomcat Server, with MySQL Server at the backend. Copyright © 2012 John Wiley & Sons, Ltd.</description><identifier>ISSN: 0038-0644</identifier><identifier>EISSN: 1097-024X</identifier><identifier>DOI: 10.1002/spe.2133</identifier><language>eng</language><publisher>Bognor Regis: Blackwell Publishing Ltd</publisher><subject>fuzzy logic ; meta-agents ; multiagent system planning ; Multiagent systems ; proactive risk management ; Reproduction ; research honeytokens ; Risk ; Risk management ; Security ; Servers ; Software development ; Spirals ; statistical model ; threat-oriented security model</subject><ispartof>Software, practice & experience, 2013-09, Vol.43 (9), p.1013-1038</ispartof><rights>Copyright © 2012 John Wiley & Sons, Ltd.</rights><rights>Copyright © 2013 John Wiley & Sons, Ltd.</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c3983-322918ff59d4e55cd7616fde5e1df5bf347006379a7b754c29a0de7ecd60d9433</citedby><cites>FETCH-LOGICAL-c3983-322918ff59d4e55cd7616fde5e1df5bf347006379a7b754c29a0de7ecd60d9433</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,776,780,27901,27902</link.rule.ids></links><search><creatorcontrib>Bedi, Punam</creatorcontrib><creatorcontrib>Gandotra, Vandana</creatorcontrib><creatorcontrib>Singhal, Archana</creatorcontrib><creatorcontrib>Narang, Himanshi</creatorcontrib><creatorcontrib>Sharma, Sumit</creatorcontrib><title>Threat-oriented security framework in risk management using multiagent system</title><title>Software, practice & experience</title><addtitle>Softw. Pract. Exper</addtitle><description>SUMMARYPresent day sophisticated and innovative attacks have resulted in exponentially increasing security problems. This paper therefore presents a three‐phased threat‐oriented security model to meet the above security challenges as a part of proactive risk management. This model is based on a spiral process for software development because it is a risk driven approach and provides an incremental method for a progressively growing system with decreasing risk. Integration of threat management during the development process in the proposed work provides necessary security cover against both unforeseen and known threats. Identification of these threats has been made possible by fusion of a threat modeling process and research honeytokens in conjunction with a statistical model in the first phase. Necessary security measures to mitigate the above identified threats have been adopted in the second phase using multiagent system planning. Risk reduction as a result of adoption of countermeasures has been evaluated in the third phase using meta‐agents in association with fuzzy logic in a multiagent environment. The proposed proactive measures of this model have been demonstrated with a case study on ‘Online Banking’ to show its feasibility and has been implemented using Java Agent Development Environment, Apache Tomcat Server, with MySQL Server at the backend. Copyright © 2012 John Wiley & Sons, Ltd.</description><subject>fuzzy logic</subject><subject>meta-agents</subject><subject>multiagent system planning</subject><subject>Multiagent systems</subject><subject>proactive risk management</subject><subject>Reproduction</subject><subject>research honeytokens</subject><subject>Risk</subject><subject>Risk management</subject><subject>Security</subject><subject>Servers</subject><subject>Software development</subject><subject>Spirals</subject><subject>statistical model</subject><subject>threat-oriented security model</subject><issn>0038-0644</issn><issn>1097-024X</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2013</creationdate><recordtype>article</recordtype><recordid>eNp10ElLxEAQBeBGFBxHwZ8Q8OIlWtXr5Cju4Aaj6K1pk4q2k2XsThjn3xtRFAVPBY-PR_EY20bYQwC-H-e0x1GIFTZCyEwKXD6sshGAmKSgpVxnGzG-ACAqrkfs8vY5kOvSNnhqOiqSSHkffLdMyuBqWrRhlvgmCT7Okto17onqwSV99M1TUvdV54doCOIydlRvsrXSVZG2vu6Y3Z0c3x6epRfXp-eHBxdpLrKJSAXnGU7KUmWFJKXywmjUZUGKsCjVYymkAdDCZM48GiVznjkoyFBeaCgyKcSY7X72zkP72lPsbO1jTlXlGmr7aFEbFBlqrga684e-tH1ohu8sSjQK5QThpzAPbYyBSjsPvnZhaRHsx6522NV-7DrQ9JMufEXLf52d3hz_9n5Y6O3buzCz2gij7P3VqT06meqplNyCeAc3aogk</recordid><startdate>201309</startdate><enddate>201309</enddate><creator>Bedi, Punam</creator><creator>Gandotra, Vandana</creator><creator>Singhal, Archana</creator><creator>Narang, Himanshi</creator><creator>Sharma, Sumit</creator><general>Blackwell Publishing Ltd</general><general>Wiley Subscription Services, Inc</general><scope>BSCLL</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>F28</scope><scope>FR3</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope></search><sort><creationdate>201309</creationdate><title>Threat-oriented security framework in risk management using multiagent system</title><author>Bedi, Punam ; Gandotra, Vandana ; Singhal, Archana ; Narang, Himanshi ; Sharma, Sumit</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c3983-322918ff59d4e55cd7616fde5e1df5bf347006379a7b754c29a0de7ecd60d9433</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2013</creationdate><topic>fuzzy logic</topic><topic>meta-agents</topic><topic>multiagent system planning</topic><topic>Multiagent systems</topic><topic>proactive risk management</topic><topic>Reproduction</topic><topic>research honeytokens</topic><topic>Risk</topic><topic>Risk management</topic><topic>Security</topic><topic>Servers</topic><topic>Software development</topic><topic>Spirals</topic><topic>statistical model</topic><topic>threat-oriented security model</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Bedi, Punam</creatorcontrib><creatorcontrib>Gandotra, Vandana</creatorcontrib><creatorcontrib>Singhal, Archana</creatorcontrib><creatorcontrib>Narang, Himanshi</creatorcontrib><creatorcontrib>Sharma, Sumit</creatorcontrib><collection>Istex</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ANTE: Abstracts in New Technology & Engineering</collection><collection>Engineering Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>Software, practice & experience</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Bedi, Punam</au><au>Gandotra, Vandana</au><au>Singhal, Archana</au><au>Narang, Himanshi</au><au>Sharma, Sumit</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Threat-oriented security framework in risk management using multiagent system</atitle><jtitle>Software, practice & experience</jtitle><addtitle>Softw. Pract. Exper</addtitle><date>2013-09</date><risdate>2013</risdate><volume>43</volume><issue>9</issue><spage>1013</spage><epage>1038</epage><pages>1013-1038</pages><issn>0038-0644</issn><eissn>1097-024X</eissn><abstract>SUMMARYPresent day sophisticated and innovative attacks have resulted in exponentially increasing security problems. This paper therefore presents a three‐phased threat‐oriented security model to meet the above security challenges as a part of proactive risk management. This model is based on a spiral process for software development because it is a risk driven approach and provides an incremental method for a progressively growing system with decreasing risk. Integration of threat management during the development process in the proposed work provides necessary security cover against both unforeseen and known threats. Identification of these threats has been made possible by fusion of a threat modeling process and research honeytokens in conjunction with a statistical model in the first phase. Necessary security measures to mitigate the above identified threats have been adopted in the second phase using multiagent system planning. Risk reduction as a result of adoption of countermeasures has been evaluated in the third phase using meta‐agents in association with fuzzy logic in a multiagent environment. The proposed proactive measures of this model have been demonstrated with a case study on ‘Online Banking’ to show its feasibility and has been implemented using Java Agent Development Environment, Apache Tomcat Server, with MySQL Server at the backend. Copyright © 2012 John Wiley & Sons, Ltd.</abstract><cop>Bognor Regis</cop><pub>Blackwell Publishing Ltd</pub><doi>10.1002/spe.2133</doi><tpages>26</tpages><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 0038-0644 |
| ispartof | Software, practice & experience, 2013-09, Vol.43 (9), p.1013-1038 |
| issn | 0038-0644 1097-024X |
| language | eng |
| recordid | cdi_proquest_miscellaneous_1671391625 |
| source | Wiley:Jisc Collections:Wiley Read and Publish Open Access 2024-2025 (reading list) |
| subjects | fuzzy logic meta-agents multiagent system planning Multiagent systems proactive risk management Reproduction research honeytokens Risk Risk management Security Servers Software development Spirals statistical model threat-oriented security model |
| title | Threat-oriented security framework in risk management using multiagent system |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-01T00%3A53%3A53IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Threat-oriented%20security%20framework%20in%20risk%20management%20using%20multiagent%20system&rft.jtitle=Software,%20practice%20&%20experience&rft.au=Bedi,%20Punam&rft.date=2013-09&rft.volume=43&rft.issue=9&rft.spage=1013&rft.epage=1038&rft.pages=1013-1038&rft.issn=0038-0644&rft.eissn=1097-024X&rft_id=info:doi/10.1002/spe.2133&rft_dat=%3Cproquest_cross%3E3036211471%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c3983-322918ff59d4e55cd7616fde5e1df5bf347006379a7b754c29a0de7ecd60d9433%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=1417514810&rft_id=info:pmid/&rfr_iscdi=true |