Skip to main content
SpringerLink
Log in

Security risk situation quantification method based on threat prediction for multimedia communication network

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

Multimedia communication network has gained remarkable popularity by a wide spectrum of users nowadays. It is easier that the potential threats conceal within the large-scale net flow of multimedia communication traffic. Once vulnerability exploitation occurs, the latent risk will be brought to the surface, causing a series of safety problems. Thus, the vulnerability analysis and threat prediction are becoming critical issues. Recently years, many investigations have been made. However, they are not sufficient. To provide a comprehensive view of the threat scenario and present a quantitative risk-aware approach, we propose a novel method for threat identification, and further we build a quantitative security risk model with it. Actually, two algorithms are proposed, namely dynamic Bayesian attack graph based threat prediction algorithm, and threat prediction based security risk quantification algorithm. The first algorithm aims to provide full prediction information with threat scenario. The second algorithm quantifies the threat in the first algorithm into the security risk from two levels: host and network. The examples indicate that our method is feasible and scalable, which enables a manager to quantify the risks of any identified threat or ongoing attack and to recognize the vulnerable multimedia devices to keep secure multimedia communication.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

References

  1. Ahmad A, Abdur Rahman M, Sadiq B et al (2015) Visualization of a scale free network in a smart phone based multimedia big data environment. In Proc. BigMM’15, 286-287

  2. Apurba KN, Medal HR, Vadlamani S (2016) Interdicting attack graphs to protect organizations from cyber-attacks A bi-level defender–attacker model. Comput Oper Res 75(11):118–131

    MathSciNet  MATH  Google Scholar 

  3. ArcSight ESM: Enterprise security manager [OL]. 2016 available on http://cn.linkedincom/topic/enterprise-security-manager

  4. Bass T (2000) Intrusion detection systems & multisensory data fusion: creating cyberspace situational awareness. Commun ACM 43(4):99–105

    Article  Google Scholar 

  5. Cai Z, Zhang Q, Gan Y (2014) Intrusion intention recognition and response based on weighed plan knowledge graph. Comput Model New Techno 18(12B):151–157

    Google Scholar 

  6. Chen G, Shen D, Jose B, Cruz J (2006) Chiman Kwan,Martin Kruger, Game Theoretic Approach to Threat Prediction and Situation Awareness. Proc of 9th International Conference on Information Fusion, Florence, Italy, 789–796

  7. Dai F, Hu Y, Zheng K, Wu B (2015) Exploring risk flow attack graph for security risk assessment. IET Inf Secur 9(6):344–353

    Article  Google Scholar 

  8. Endsley MR (1988) Design and evaluation for situation awareness enhancement. Proc of the Human Factors Society 32nd Annual Meeting. Santa Monica, CA: Human Factors. Society:97–101

  9. Fava DS, Byers SR, Yang SJ (2008) Projecting cyber-attacks through variable-length Markov models. IEEE Trans Inform Forensics Sec 3(3):359–369

    Article  Google Scholar 

  10. Fredj OB (2015) A realistic graph-based alert correlation system. Sec Commun Netwk 8(15):2477–2493

    Article  Google Scholar 

  11. Ge P, Wang J, Ren P, Gao H, Luo Y (2013) A new improved forecasting method integrated fuzzy time series with the exponential smoothing method. Int J Environ Pollut 51(3/4):206–221

    Article  Google Scholar 

  12. Ghasemigol M, Ghaemi BA, Takabi H (2016) A comprehensive approach for network attack forecasting. Comput Sec 58:83–105

    Article  Google Scholar 

  13. Hao YH, Han JH, Yi L, Liu L (2016) Vulnerability of complex networks under three-level-tree attacks. Physica A 462:674–683

    Article  MathSciNet  Google Scholar 

  14. Jiang D, Yuan Z, Zhang P, Miao L, Zhu T (2016) A traffic anomaly detection approach in communication networks for applications of multimedia medical devices. Multimed Tools Appl 75(22):1–25

    Google Scholar 

  15. Juan Y, Simon D, Susan MK (2012) Situation identification techniques in pervasive computing: a review. Pervasive Mobile Comput 8:36–66

    Article  Google Scholar 

  16. Kim J, Ryu ES (2016) Stochastic stable buffer control for quality-adaptive HEVC video transmission in enterprise WLAN architectures. J Real-Time Image Proc 12(2):465–471

    Article  Google Scholar 

  17. Koukopoulos D (2008) Stability of heterogeneous multimedia networks against adversarial attacks. IEEE International Conference on Communications and NETWORKING, China, pp 1259–1263

    Google Scholar 

  18. Koukopoulos D (2009) The impact of dynamic adversarial attacks on the stability of heterogeneous multimedia networks. IEEE International Conference on Multimedia Information NETWORKING and Security, Wuhan, pp 439–443

    Google Scholar 

  19. Li A, Miao Z, Cen Y, Cen Y (2016) Anomaly detection using sparse reconstructionin crowded scenes. Multimed Tools Appl. https://doi.org/10.1007/s11042-016-4115-6

  20. Lian S, Gritzalis S (2015) Innovations in emerging multimedia communication systems. Telecommun Syst 59(3):289–290

    Article  Google Scholar 

  21. Lin Y, Yang J, Lv Z et al (2015) A self-assessment stereo capture model applicable to the internet of things. Sensors 15(8):20925–20944

    Article  Google Scholar 

  22. Liu S, Lin Y (2016) Network Security Risk Assessment Method Based on HMM and Attack Graph Model. Proc of 17th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD), Shanghai, China 517-52

  23. Lye K, Wing JM (2005) Game strategies in network security. Int J Inform Sec 4(1/2):71–86

    Article  Google Scholar 

  24. National Vulnerability Database (2016) Available on https://web.nvd.nistgov/view/vuln/search

  25. NIST (2012). Guide for Conducting Risk Assessments. U.S. National Institute of Standards and Technologies. http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf

  26. Ou X, Govindavajhala S, Appel AW (2005) MulVAL: A logic-based network security analyzer Proc of 14th Usenix Security Symposium, Baltimore, 113-127

  27. Paul A, Mark V (1999) The Importance of Security in Modern Communication Networks. The 5th International Conference on Information Systems Analysis and Synthesis, Orlando, 443–450

  28. Qu ZY, Li YY, Li P (2010) A network security situation evaluation method based on D-S evidence theory. Proc 2nd Conf Environ Sci Inform Appl Technol, Washington, DC: IEEE Comput Soc 2:496–499

    Google Scholar 

  29. Schiffman M. Common Vulnerability Scoring System (CVSS). available on https://www.first.org/cvss.Html

  30. Serra E, Jajodia S, Pugliese A, Rullo A, Subrahmanian VS (2015) Pareto-optimal adversarial defense of enterprise systems. ACM Trans Inform Syst Sec 17(3):1–11

    Article  Google Scholar 

  31. Shahrulniza M, Parish DJ (2007) Visualising communication network security attacks. International Conference on Information Vizualization, Zurich, pp 726–733

    Google Scholar 

  32. Tse R, Zhang L F, Lei P, Pau G (2017) Social Network Based Crowd Sensing for Intelligent Transportation and Climate Applications. Mobile Networks & Applications :1-7

  33. Wang H, Liang Y, Li B (2010) Dynamic awareness of network security situation based on stochastic game theory Proc of 2nd IEEE International Conference on Software Engineering and Data Mining, Chengdu, 101-105

  34. Wang L, Zou H, Su J, Li L, Chaudhry S (2013) An ARIMA-ANN hybrid model for time series forecasting. Syst Res Behav Sci 30(3):244–259

    Article  Google Scholar 

  35. Wang Y, Li J, Meng K, Lin C, Cheng X (2013) Modeling and security analysis of enterprise network using attack-defense stochastic game Petri nets. Sec Commun Netwk 6(1):1–11

    Article  Google Scholar 

  36. Wu J, Ota K, Dong M, Li J, Wang H (2016) Big data analysis based security situational awareness for smart grid. IEEE Trans Big Data. https://doi.org/10.1109/TBDATA.2016.2616146

  37. Wu Y, Zhang L, Bryankinns N, Barthet M (2017) Open symphony: creative participation for audiences of live music performances. IEEE Multimed 24(1):48–62

    Article  Google Scholar 

  38. Yang T, Yu B, Wang H et al (2015) Cryptanalysis and improvement of Panda-public auditing for shared datain cloud and internet of things. Multimed Tools Appl:1–18

  39. Yang J, He S, Lin Y et al (2015) Multimedia cloud transmission and storage system based on internet of things. Multimed Tools Appl :1-16

  40. Yi S, Peng Y, Xiong Q, Wang T, Dai Z (2014) Overview on attack graph generation and visualization technology. Proc of 2013 I.E. International Conference on Anti-Counterfeiting, Security and Identification

  41. Young, Carl S (2010) Security threats and risk. Metrics and Methods for Security Risk Management (Chapter 1) 3–18 DOI: https://doi.org/10.1016/B978-1-85617-978-2.00007-1

  42. Yu W, Zhang N, Fu X et al (2010) Self-disciplinary worms and countermeasures: modeling and analysis. IEEE Trans Parallel Distrib Syst 21(10):1501–1514

    Article  Google Scholar 

  43. Zhang W, Yang T, Shi YQ, Peng XN, DB H (2012) A Chaotic Characteristics identification method for network security situation time series. J Inform Comput Sci 9(5):1548–7741

    Google Scholar 

Download references

Acknowledgements

The authors would like to thank the reviewers for their detailed reviews and constructive comments. The authors would like to thank to Dr. Yuling Liu and Prof. Runguo Ye for their valuable discussions. This work is supported by the National High Technology Research and Development Program of China (2012AA012704, 2015AA016006), the National Key Research and Development Program of China (2016YFF0204003), the Equipment Pre-research Foundation during the 13th Five-Year Plan (61400020201), CCF-Venus “Hongyan” research plan of China (2017003) and the Key Lab of Information Network Security, Ministry of Public Security (C15604).

Author information

Authors and Affiliations

  1. Zhengzhou Information Science and Technology Institute, Zhengzhou, China

    Hao Hu, Hongqi Zhang & Yingjie Yang

  2. Henan Key Laboratory of Information Security, Zhengzhou, China

    Hao Hu, Hongqi Zhang & Yingjie Yang

Authors
  1. Hao Hu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hongqi Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yingjie Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hao Hu.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Hu, H., Zhang, H. & Yang, Y. Security risk situation quantification method based on threat prediction for multimedia communication network. Multimed Tools Appl 77, 21693–21723 (2018). https://doi.org/10.1007/s11042-017-5602-0

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-017-5602-0

Keywords

Search

Navigation