Intelligence Graphs for Threat Intelligence and Security Policy Validation of Cyber Systems

  • Conference paper
Proceedings of International Conference on Artificial Intelligence and Applications

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 1164)

Abstract

Recent advances in data science and machine learning attract a lot of attention in cyber security because of their promise for effective security analytics, while vulnerability analysis, risk assessment, and security policy validation remain somewhat on the sidelines. This is mainly due to the relatively slow progress in the theoretical formulation and the technological foundation of cyber security concepts such as logical vulnerability, threats, and risks. In this article, we propose a framework for logical analysis, threat intelligence, and validation of security policies in cyber systems. It is based on a multi-level model consisting of an ontology of situations and actions under security threats, security policies governing the security-related activities, and a graph of the transactions. The framework is validated using a set of scenarios describing the most common security threats in digital banking, and a prototype of an event-driven engine for navigation through the intelligence graphs has been implemented. Although the framework was developed specifically for application in digital banking, the authors believe that it has much wider applicability to security policy analysis, threat intelligence, and security by design of cyber systems for financial, commercial, and business operations.

Acknowledgements

The work reported here has been carried out at the Cyber Security Research Centre of London Metropolitan University. It was initiated in collaboration with Lloyds Banking Group to investigate the logical vulnerabilities in cross-channel banking. It was granted support from UK DCMS under Cyber ASAP program. It continues under a project dedicated to threat intelligence funded by Lloyds, but all examples in the paper are solely for the purpose of illustration and do not use any internal data from the bank. Any concepts, ideas, and opinions formulated by the authors in this article are not associated with the current security practices of Lloyds Banking Group.

Corresponding author

Correspondence to Vassil Vassilev.

Copyright information

© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Vassilev, V., Sowinski-Mydlarz, V., Gasiorowski, P., Ouazzane, K., Phipps, A. (2021). Intelligence Graphs for Threat Intelligence and Security Policy Validation of Cyber Systems. In: Bansal, P., Tushir, M., Balas, V., Srivastava, R. (eds) Proceedings of International Conference on Artificial Intelligence and Applications. Advances in Intelligent Systems and Computing, vol 1164. Springer, Singapore. https://doi.org/10.1007/978-981-15-4992-2_13
