Risk assessment for mobile systems through a multilayered hierarchical Bayesian network.

Mobile systems are facing a number of application vulnerabilities that can be combined together and utilized to penetrate systems with devastating impact. When assessing the overall security of a mobile system, it is important to assess the security risks posed by each mobile applications (apps), thus gaining a stronger understanding of any vulnerabilities present. This paper aims at developing a three-layer framework that assesses the potential risks which apps introduce within the Android mobile systems. A Bayesian risk graphical model is proposed to evaluate risk propagation in a layered risk architecture. By integrating static analysis, dynamic analysis, and behavior analysis in a hierarchical framework, the risks and their propagation through each layer are well modeled by the Bayesian risk graph, which can quantitatively analyze risks faced to both apps and mobile systems. The proposed hierarchical Bayesian risk graph model offers a novel way to investigate the security risks in mobile environment and enables users and administrators to evaluate the potential risks. This strategy allows to strengthen both app security as well as the security of the entire syste

Risk Management Governance in Applications

This paper is an overview of risk management governance in applications, a detailed discussion has been provided regarding the importance of developing and implementing a well-organized risk management governance that will enhance the trust of the users when it comes to using an application and at the same time will also provide them with a safety net which will be designed to protect them from any type of security breach. The paper will also stress on the necessity of the application developers to remain proactive to identify future potential threats that may overpower the existing security system and prepare them accordingly. In case a data leakage is in place, there should be a proper mechanism to identify the leakage and amend it within a short period of time which will work as a damage control initiative. This paper will also discuss certain aspects that are closely related to gaining the trust of the users which may include a proper safety rating system that can be interpreted by the users. Secondly, there is a need to ensure that the apps are demanding for less permission which may assist with reducing the possibility of serious privacy violation in times of data breach. DOI: 10.7176/IKM/10-2-07 Publication date: February 29th 202

Dynamic Security Risk Evaluation via Hybrid Bayesian Risk Graph in Cyber-Physical Social Systems

© 2014 IEEE. Cyber-physical social system (CPSS) plays an important role in both the modern lifestyle and business models, which significantly changes the way we interact with the physical world. The increasing influence of cyber systems and social networks is also a high risk for security threats. The objective of this paper is to investigate associated risks in CPSS, and a hybrid Bayesian risk graph (HBRG) model is proposed to analyze the temporal attack activity patterns in dynamic cyber-physical social networks. In the proposed approach, a hidden Markov model is introduced to model the dynamic influence of activities, which then be mapped into a Bayesian risks graph (BRG) model that can evaluate the risk propagation in a layered risk architecture. Our numerical studies demonstrate that the framework can model and evaluate risks of user activity patterns that expose to CPSSs

Riskindroid: Machine Learning-Based risk analysis on Android

open2noRisk analysis on Android is aimed at providing metrics to users for evaluating the trustworthiness of the apps they are going to install. Most of current proposals calculate a risk value according to the permissions required by the app through probabilistic functions that often provide unreliable risk values. To overcome such limitations, this paper presents RiskInDroid, a tool for risk analysis of Android apps based on machine learning techniques. Extensive empirical assessments carried out on more than 112K apps and 6K malware samples indicate that RiskInDroid outperforms probabilistic methods in terms of precision and reliability.openMerlo, Alessio; Georgiu, Gabriel ClaudiuMerlo, Alessio; Georgiu, Gabriel Claudi

Product risk assessment: a Bayesian network approach

Product risk assessment is the overall process of determining whether a product, which could be anything from a type of washing machine to a type of teddy bear, is judged safe for consumers to use. There are several methods used for product risk assessment, including RAPEX, which is the primary method used by regulators in the UK and EU. However, despite its widespread use, we identify several limitations of RAPEX including a limited approach to handling uncertainty and the inability to incorporate causal explanations for using and interpreting test data. In contrast, Bayesian Networks (BNs) are a rigorous, normative method for modelling uncertainty and causality which are already used for risk assessment in domains such as medicine and finance, as well as critical systems generally. This article proposes a BN model that provides an improved systematic method for product risk assessment that resolves the identified limitations with RAPEX. We use our proposed method to demonstrate risk assessments for a teddy bear and a new uncertified kettle for which there is no testing data and the number of product instances is unknown. We show that, while we can replicate the results of the RAPEX method, the BN approach is more powerful and flexible

Enhancing health risk prediction with deep learning on big data and revised fusion node paradigm

With recent advances in health systems, the amount of health data is expanding rapidly in various formats. This data originates from many new sources including digital records, mobile devices, and wearable health devices. Big health data offers more opportunities for health data analysis and enhancement of health services via innovative approaches. The objective of this research is to develop a framework to enhance health prediction with the revised fusion node and deep learning paradigms. Fusion node is an information fusion model for constructing prediction systems. Deep learning involves the complex application of machine-learning algorithms, such as Bayesian fusions and neural network, for data extraction and logical inference. Deep learning, combined with information fusion paradigms, can be utilized to provide more comprehensive and reliable predictions from big health data. Based on the proposed framework, an experimental system is developed as an illustration for the framework implementatio

Enhancing cloud security through the integration of deep learning and data mining techniques: A comprehensive review

Cloud computing is crucial in all areas of data storage and online service delivery. It adds various benefits to the conventional storage and sharing system, such as simple access, on-demand storage, scalability, and cost savings. The employment of its rapidly expanding technologies may give several benefits in protecting the Internet of Things (IoT) and physical cyber systems (CPS) from various cyber threats, with IoT and CPS providing facilities for people in their everyday lives. Because malware (malware) is on the rise and there is no well-known strategy for malware detection, leveraging the cloud environment to identify malware might be a viable way forward. To avoid detection, a new kind of malware employs complex jamming and packing methods. Because of this, it is very hard to identify sophisticated malware using typical detection methods. The article presents a detailed assessment of cloud-based malware detection technologies, as well as insight into understanding the cloud's use in protecting the Internet of Things and critical infrastructure from intrusions. This study examines the benefits and drawbacks of cloud environments in malware detection, as well as presents a methodology for detecting cloud-based malware using deep learning and data extraction and highlights new research on the issues of propagating existing malware. Finally, similarities and variations across detection approaches will be exposed, as well as detection technique flaws. The findings of this work may be utilized to highlight the current issue being tackled in malware research in the future

Intelligent evacuation management systems: A review

Crowd and evacuation management have been active areas of research and study in the recent past. Various developments continue to take place in the process of efficient evacuation of crowds in mass gatherings. This article is intended to provide a review of intelligent evacuation management systems covering the aspects of crowd monitoring, crowd disaster prediction, evacuation modelling, and evacuation path guidelines. Soft computing approaches play a vital role in the design and deployment of intelligent evacuation applications pertaining to crowd control management. While the review deals with video and nonvideo based aspects of crowd monitoring and crowd disaster prediction, evacuation techniques are reviewed via the theme of soft computing, along with a brief review on the evacuation navigation path. We believe that this review will assist researchers in developing reliable automated evacuation systems that will help in ensuring the safety of the evacuees especially during emergency evacuation scenarios