Reference Hub12
Security Threat Modelling With Bayesian Networks and Sensitivity Analysis for IAAS Virtualization Stack

Security Threat Modelling With Bayesian Networks and Sensitivity Analysis for IAAS Virtualization Stack

Asvija B., Eswari R., Bijoy M. B.
Copyright: © 2021 |Volume: 33 |Issue: 4 |Pages: 26
ISSN: 1546-2234|EISSN: 1546-5012|EISBN13: 9781799859079|DOI: 10.4018/JOEUC.20210701.oa3
Cite Article Cite Article

MLA

Asvija B., et al. "Security Threat Modelling With Bayesian Networks and Sensitivity Analysis for IAAS Virtualization Stack." JOEUC vol.33, no.4 2021: pp.44-69. http://doi.org/10.4018/JOEUC.20210701.oa3

APA

Asvija B., Eswari R., & Bijoy M. B. (2021). Security Threat Modelling With Bayesian Networks and Sensitivity Analysis for IAAS Virtualization Stack. Journal of Organizational and End User Computing (JOEUC), 33(4), 44-69. http://doi.org/10.4018/JOEUC.20210701.oa3

Chicago

Asvija B., Eswari R., and Bijoy M. B. "Security Threat Modelling With Bayesian Networks and Sensitivity Analysis for IAAS Virtualization Stack," Journal of Organizational and End User Computing (JOEUC) 33, no.4: 44-69. http://doi.org/10.4018/JOEUC.20210701.oa3

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

Designing security mechanisms for cloud computing infrastructures has assumed importance with the widespread adoption of public clouds. Virtualization security is a crucial component of the overall cloud infrastructure security. In this article, the authors employ the concept of Bayesian networks and attack graphs to carry out sensitivity analysis on the different components involved in virtualization security for infrastructure as a service (IaaS) cloud infrastructures. They evaluate the Bayesian attack graph (BAG) for the IaaS model to reveal the sensitive regions and thus help the administrators to secure the high risk components in the stack. They present a formal definition of the sensitivity analysis and then evaluate using the BAG model for IaaS stack. The model and analysis presented here can also be used by security analysts and designers to make a selection of the security solutions based on the risk profile of vulnerable nodes and the corresponding cost involved in adding a defense against the identified vulnerabilities.