Precursors of threats in networks: an approach based on graphical signal processing and information theory
Networks, including cloud networks, are becoming more and more ubiquitous, and the number of entities (nodes) they contain is increasing rapidly. This situation looks grim from a security point of view, since the risks for most of the devices in these networks are unknown. In this project, we focus on developing a system that estimates the risks of entities over time, and we present methodologies that use these estimates to manage the risks in the network. We develop a graphical model from the connections made in the network; the model can incorporate side information such as the risks of a limited number of entities. This graphical model is natural to the problem and is an effective way to learn the relationships among the entities present. We then use the graph to propagate the risks: given initial risk estimates for every entity, we predict how these estimates evolve over time.
Network Risk Estimation (NRE): A Risk Estimation Paradigm for Cyber Networks
Risk measurements in cyber networks are a vital part of network security. Given a threat, measuring the entity risks has been a viable option in cyber-network security. However, the dynamic behavior of entities that make up the network and the sparsity of risk-measurable points are limiting factors for risk measurement strategies, which results in poor network visibility. This work proposes a new risk estimation approach to network security, which is data-driven and probabilistic. The proposed method extracts relationships among system components from the network connection data and models risk propagation based on the learned relationships. The resulting work yields probabilistic risk estimates for the network observed via the connection data and carries all the benefits of quantitative risk assessment tools such as safe routing design.
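The pipeline described above (graph from connection data, a few measured entities as side information, propagation, then safe routing) can be sketched as follows. This is an added example, not the NRE implementation: the propagation rule is plain neighbour-weighted averaging with measured nodes clamped (a standard label-propagation scheme used here as a stand-in), and the flow records, risk values and function names are all constructed for illustration.

```python
import heapq
from collections import defaultdict

# Constructed flow records (src, dst); a repeated pair means more observed connections.
FLOWS = [("A", "B"), ("A", "B"), ("B", "C"), ("C", "D"), ("A", "E"), ("E", "F"),
         ("F", "D"), ("B", "R"), ("B", "R"), ("C", "R"), ("E", "G"), ("F", "G")]
# Constructed side information: measured risk in [0, 1] for a limited set of entities.
MEASURED = {"R": 0.9, "G": 0.1}

def build_graph(flows):
    """Undirected weighted graph; edge weight = number of observed connections."""
    w = defaultdict(lambda: defaultdict(float))
    for s, d in flows:
        w[s][d] += 1.0
        w[d][s] += 1.0
    return w

def propagate(w, measured, prior=0.5, iters=200):
    """Assumed rule: measured nodes stay fixed, every other node repeatedly
    takes the connection-weighted mean of its neighbours' risk."""
    risk = {n: measured.get(n, prior) for n in w}
    for _ in range(iters):
        for n in w:
            if n not in measured:
                total = sum(w[n].values())
                risk[n] = sum(wt * risk[m] for m, wt in w[n].items()) / total
    return risk

def safest_path(w, risk, src, dst):
    """Dijkstra over allowed channels where entering a node costs its estimated risk."""
    heap, seen = [(0.0, src, [src])], set()
    while heap:
        cost, n, path = heapq.heappop(heap)
        if n == dst:
            return path, cost
        if n in seen:
            continue
        seen.add(n)
        for m in w[n]:
            if m not in seen:
                heapq.heappush(heap, (cost + risk[m], m, path + [m]))
    return None, float("inf")

if __name__ == "__main__":
    graph = build_graph(FLOWS)
    est = propagate(graph, MEASURED)
    print({n: round(r, 3) for n, r in sorted(est.items())})
    print(safest_path(graph, est, "A", "D"))
```

Unmeasured entities that talk mostly to the high-risk node R inherit higher estimates than those near the low-risk node G, so the route from A to D avoids B and C.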

Figure 1: An application of risk estimation on a cyber network. The graph gives the network topology where each node is an entity, and an edge indicates an allowed communication channel. Red entities are measured to have relatively higher risks, green entities have low measured risks, and blue entities desire to communicate. Two possible routes are depicted via green and red dashed arrows. For safe routing, the green path is chosen over the red one since measured entities in the vicinity have less risk.

Figure 2: A snapshot of the custom graphical interface for NRE computing risks as the network flows are streamed into the risk estimation engine.