Agent Based Cybersecurity Model for Business Entity Risk Assessment

Author

Lirim Ashiku
Cihan H. Dagli, Missouri University of Science and TechnologyFollow

Abstract

Computer networks and surging advancements of innovative information technology construct a critical infrastructure for network transactions of business entities. Information exchange and data access though such infrastructure is scrutinized by adversaries for vulnerabilities that lead to cyber-attacks. This paper presents an agent-based system modelling to conceptualize and extract explicit and latent structure of the complex enterprise systems as well as human interactions within the system to determine common vulnerabilities of the entity. The model captures emergent behavior resulting from interactions of multiple network agents including the number of workstations, regular, administrator and third-party users, external and internal attacks, defense mechanisms for the network setting, and many other parameters. A risk-based approach to modelling cybersecurity of a business entity is utilized to derive the rate of attacks. A neural network model will generalize the type of attack based on network traffic features allowing dynamic state changes. Rules of engagement to generate self-organizing behavior will be leveraged to appoint a defense mechanism suitable for the attack-state of the model. The effectiveness of the model will be depicted by time-state chart that shows the number of affected assets for the different types of attacks triggered by the entity risk and the time it takes to revert into normal state. The model will also associate a relevant cost per incident occurrence that derives the need for enhancement of security solutions.

Recommended Citation

L. Ashiku and C. H. Dagli, "Agent Based Cybersecurity Model for Business Entity Risk Assessment," Proceedings of the 6th IEEE International Symposium on Systems Engineering (2020), pp. 1 - 6, Institute of Electrical and Electronics Engineers (IEEE), Nov 2020.

The definitive version is available at https://doi.org/10.1109/ISSE49799.2020.9272234

Meeting Name

6th IEEE International Symposium on Systems Engineering (2020: Oct. 12-Nov. 12, Virtual)

Department(s)

Engineering Management and Systems Engineering

Keywords and Phrases

agent-based modelling; cybersecurity; defense strategies; network threats; risk assessment

International Standard Book Number (ISBN)

978-172818602-3

Document Type

Article - Conference proceedings

Document Version

Citation

File Type

text

Language(s)

English

Rights

© 2020 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.

Publication Date

12 Nov 2020