Malware Risk Analysis on the Campus Network with Bayesian Belief Network

Abstract

A security network management system is for providing clear guidelines on risk evaluation and assessmentfor enterprise networks. The threat and risk assessment is conducted to safeguard enterprise networkservices to maintain system confidentiality, integrity, and availability through effective control strategies.In this paper, based on our previous work in analyzing integrated information security management andmalware propagation on the campus network through mathematical modelling, we proposed BayesianBelief Network with inference level indicator to enable the decision maker to understand and provideappropriate mitigation decisions on the risks posed. We experimentally placed monitoring sensors on thecampus network that gives the threat alert priority levels and magnitude on the vulnerable informationassets. These methods will give a direction on the belief inferred due to malware prevalence on theinformation security assets for better understanding