Risk Assessment for Mobile Systems Through a Multilayered Hierarchical Bayesian Network

Research output: Contribution to journal (Article)

Original language: English
Pages (from-to): 1749-1759
Number of pages: 11
Journal: IEEE Transactions on Cybernetics
Volume: 46
Journal issue: 8
Early online date: 4 Apr 2016
State: Published - Aug 2016

Abstract

Mobile systems are facing a number of application vulnerabilities that can be combined and utilized to penetrate systems with devastating impact. When assessing the overall security of a mobile system, it is important to assess the security risks posed by each mobile application (app), thus gaining a stronger understanding of any vulnerabilities present. This paper aims at developing a three-layer framework that assesses the potential risks which apps introduce within Android mobile systems. A Bayesian risk graphical model is proposed to evaluate risk propagation in a layered risk architecture. By integrating static analysis, dynamic analysis, and behavior analysis in a hierarchical framework, the risks and their propagation through each layer are well modeled by the Bayesian risk graph, which can quantitatively analyze the risks faced by both apps and mobile systems. The proposed hierarchical Bayesian risk graph model offers a novel way to investigate the security risks in the mobile environment and enables users and administrators to evaluate the potential risks. This strategy makes it possible to strengthen both app security and the security of the entire system.

Documents

  • Full-text PDF (accepted author manuscript)

    Rights statement: This is the accepted author manuscript (AAM). The final published version (version of record) is available online via IEEE at http://dx.doi.org/10.1109/TCYB.2016.2537649. Please refer to any applicable terms of use of the publisher.

    Accepted author manuscript, 468 KB, PDF-document
