Kolev, Denis (2021) Probabilistic mathematical modelling for security risk assessment. PhD thesis, University of Glasgow.
Full text available as:![[thumbnail of 2021KolevPhD.pdf]](https://theses.gla.ac.uk/style/images/fileicons/other.png) |
PDF
Download (4MB) |
Abstract
This thesis presents a novel framework for security risk assessment (SRA) and identification, comprising mathematical algorithms and a family of models. Recently, due to the growing incidence of cyber-attacks and cyber-fraud, as well as terrorist attacks and other adversarial activities, qualitative and comprehensive SRA and security risk management have become increasingly important. For large-scale systems, SRA and related data processing tasks are challenging due to the large amount of available information, as well as the diversity and complexity of data sources. However, SRA relies mainly on procedures that, despite being well-formalised, are manual, which introduces the “human factor" as early as the system design stages. The existence of multiple possible threats, along with the variability of the information received from different sensors, has increased the complexity of situation awareness analysis, which often results in scenarios where security officers (operators) are overwhelmed with data and, in certain cases, a high false positive rate. The primary motivation behind this work was to develop a general mathematical approach to SRA based on statistical data processing, data fusion techniques, and game theoretic models.
The proposed framework is based on a slight adjustment of the existing SRA methodology for threat modelling, augmented by additional mathematical formalisations. In general, two primary models are presented as the main contribution:
• “Static Model" for SRA, which is applicable at the stage of designing the protection
of the considered system.
• “Dynamic Model" for the processing of generic security-related data, which is applied
when the system is in operation.
Both models use graph theory as a basis. The static model uses game theory for optimal protection design, while the dynamic model applies Bayesian inference techniques for “online" data processing.
| Item Type: | Thesis (PhD) |
|---|---|
| Qualification Level: | Doctoral |
| Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
| Colleges/Schools: | College of Science and Engineering > School of Computing Science |
| Supervisor's Name: | Miller, Professor Alice and Johnson, Mr. Christopher |
| Date of Award: | 2021 |
| Depositing User: | Theses Team |
| Unique ID: | glathesis:2021-82528 |
| Copyright: | Copyright of this thesis is held by the author. |
| Date Deposited: | 22 Oct 2021 10:28 |
| Last Modified: | 08 Apr 2022 17:07 |
| Thesis DOI: | 10.5525/gla.thesis.82528 |
| URI: | https://theses.gla.ac.uk/id/eprint/82528 |
Actions (login required)
 |
View Item |
Downloads
Downloads per month over past year
Tools
Tools
