Jin B. Hong

University of Western Australia | UWA

Doctor of Philosophy

59
Publications
10,902
Reads
1,078
Citations
Citations since 2017
42 Research Items
1019 Citations

Publications (59)
Article
The dynamicity of today’s networks has created uncertainties for security administrators about the defense options to deploy. In this paper, we consider the administrator’s challenge of selecting and deploying the best set of heterogeneous security hardening solutions for dynamic networks given multiple constraints (such as fixed budget, availabili...
Article
Full-text available
Cloud computing has become widely adopted by businesses for hosting applications with improved performance at a fraction of the operational costs and complexity. The rise of cloud applications has been coupled with an increase in security threat vectors and vulnerabilities. In this paper, we propose a new security assessment and enforcement tool fo...
Article
The satisfaction of a software requirement is commonly stated as a Boolean value, that is, a security requirement is either satisfied (true) or not (false). However, a discrete Boolean value to measure the satisfaction level of a security requirement by deployed mechanisms is not very useful. Rather, it would be more effective if we could quantify...
Preprint
Full-text available
Model-based evaluation in cybersecurity has a long history. Attack Graphs (AGs) and Attack Trees (ATs) were the earlier developed graphical security models for cybersecurity analysis. However, they have limitations (e.g., scalability problem, state-space explosion problem, etc.) and lack the ability to capture other security features (e.g., counter...
Article
Moving Target Defense (MTD) is a defensive strategy to thwart adversaries by continuously shifting the attack surface. The MTD techniques can be applied to the cloud computing to make the cloud more unpredictable, hence more difficult to exploit. There are many MTD techniques proposed, and various metrics are used to measure their effectiveness. Ho...
Article
Full-text available
There have been many efforts to detect rumors using various machine learning (ML) models, but there is still a lack of understanding of their performance against different rumor topics and available features, resulting in a significant performance degrade against completely new and unseen (unknown) rumors. To address this issue, we investigate the...
Preprint
Full-text available
Security metrics present the security level of a system or a network in both qualitative and quantitative ways. In general, security metrics are used to assess the security level of a system and to achieve security goals. There are a lot of security metrics for security analysis, but there is no systematic classification of security metrics that ar...
Article
Full-text available
Software defined networking (SDN) has been adopted in many application domains as it provides functionalities to dynamically control the network flow more robust and more economical compared to the traditional networks. In order to strengthen the security of the SDN against cyber attacks, many security solutions have been proposed. However, those s...
Article
Full-text available
Graphical Security Models (GSMs), such as an Attack Graph, are used to assess the security of networks, but they are often limited to assess the security of the given network state (i.e., a snapshot at the current time). To address this issue, we develop a GSM named Time-independent Hierarchical Attack Representation Model (TI-HARM), which analyses...
Article
Full-text available
Software Defined Networking (SDN) extends capabilities of existing networks by providing various functionalities, such as flexible networking controls. However, there are many security threat vectors in SDN, including existing and emerging ones arising from new functionalities, that may hinder the use of SDN. To tackle this problem, many countermea...
Patent
Full-text available
A computer-implemented method for monitoring the security of a computing network which includes a plurality of hosts and a plurality of edges which link connected hosts. The method comprises capturing and storing first and second network state information at first and second times respectively. The method comprises comparing the first and second n...
Conference Paper
Full-text available
Hardening the dynamic networks is a very challenging task due to their complexity and dynamicity. Moreover, there may be multi-objectives to satisfy, while containing the solutions within the constraints (e.g., fixed budget, availability of countermeasures, performance degradation, non-patchable vulnerabilities, etc). In this paper, we propose a s...
Preprint
Full-text available
Cloud computing has been adopted widely, providing on-demand computing resources to improve performance and reduce the operational costs. However, these new functionalities also bring new ways to exploit the cloud computing environment. To assess the security of the cloud, graphical security models can be used, such as Attack Graphs and Attack Tree...
Article
When a vulnerability is discovered in a system, some key questions often asked by the security analyst are what threat(s) does it pose, what attacks may exploit it, and which parts of the system it affects. Answers to those questions provide the necessary information for the security assessment and to implement effective countermeasures. In the clo...
Article
Existing security risk evaluation approaches (e.g., asset-based) do not consider specific security requirements of individual cloud computing clients in the security risk evaluation. In this paper, we propose a threat-specific risk evaluation approach that uses various security attributes of the cloud (e.g., vulnerability information, the probabili...
Conference Paper
Moving Target Defense (MTD) is a proactive security solution, which can be utilized by cloud computing in order to thwart cyber attacks. Many MTD techniques have been proposed, but there is still a lack of systematic evaluation methods for assessing the effectiveness of the proposed MTD techniques, especially when multiple MTD techniques are to be...
Article
Full-text available
Moving Target Defense (MTD) utilizes granularity, flexibility and elasticity properties of emerging networking technologies in order to continuously change the attack surface. There are many different MTD techniques proposed in the past decade to thwart cyberattacks. Due to the diverse range of different MTD techniques, it is of paramount importanc...
Article
Full-text available
It is difficult to assess the security of modern networks because they are usually dynamic with configuration changes (such as changes in topology, firewall rules, etc). Graphical security models (e.g., Attack Graphs and Attack Trees) are widely used to systematically analyse the security posture of network systems using security metrics. However,...
Conference Paper
Full-text available
Emerging networking technologies, such as cloud and Software Defined Networking, provide flexibility, elasticity and functionalities to change the network configurations over time. However, changes also impose unpredictable security postures at different times, creating difficulties to the security assessment of the network. To address this issue,...
Conference Paper
Full-text available
It is important to assess the cost benefits of IT security investments. Typically, this is done by manual risk assessment process. In this paper, we propose an approach to automate this using graphical security models (GSMs). GSMs have been used to assess the security of networked systems using various security metrics. Most of the existing GSMs as...
Conference Paper
Research Problem: Cyber attacks are targeting the cloud computing systems, where enterprises, governments, and individuals are outsourcing their storage and computational resources for improved scalability and dynamic management of their data. However, the different types of cyber attacks, as well as the different attack goals, create difficulties pr...
Chapter
Moving Target Defense (MTD) is an emerging security solution based on continuously changing attack surface thus makes it unpredictable for attackers. Cloud computing could leverage such MTD approaches to prevent its resources and services being compromised from an increasing number of attacks. Most of the existing MTD methods so far have focused on...
Article
This paper presents and discusses the current state of Graphical Security Models (GrSM), in terms of four GrSM phases: (i) generation, (ii) representation, (iii) evaluation, and (iv) modification. Although many studies focused on improving the usability, efficiency, and functionality of GrSMs (e.g., by using various model types and evaluation techn...
Article
The Internet of Things (IoT) contains a large number of heterogeneous devices with a variety of vulnerabilities. As the vulnerabilities can be exploited by the attackers to break into the system, it is of vital importance to patch all vulnerabilities. However, some vulnerabilities are impossible to patch (e.g., forever-day vulnerabilities). In orde...
Conference Paper
Manual vulnerability discovery and exploit development on an executable are very challenging tasks for developers. Therefore, the automation of those tasks is becoming interesting in the field of software security. In this paper, we implement an approach of automated exploit generation for firmware of embedded systems by extending an existing dynam...
Article
Full-text available
Security metrics present the security level of a system or a network in both qualitative and quantitative ways. In general, security metrics are used to assess the security level of a system and to achieve security goals. There are a lot of security metrics for security analysis, but there is no systematic classification of security metrics that is...
Article
The Internet of Things (IoT) is enabling innovative applications in various domains. Due to its heterogeneous and wide-scale structure, it introduces many new security issues. To address this problem, we propose a framework for modeling and assessing the security of the IoT and provide a formal definition of the framework. Generally, the framework...
Conference Paper
Full-text available
Dynamic networks can be characterised by many factors such as changes (e.g., vulnerability change, update of applications and services, topology changes). It is of vital importance to assess the security of such dynamic networks in order to improve the security of them. One way to assess the security is to use a graphical security model. However, t...
Article
Security models, such as an Attack Graph (AG), are widely adopted to assess the security of networked systems, such as utilizing various security metrics and providing a cost-effective network hardening solution. There are various methods of generating these models, but the scalability problem exists for single-layered graph-based security models w...
Conference Paper
Full-text available
Software Defined Network (SDN) is an emerging paradigm for flexible network design and implementation. Availability metric of SDNs is critically demanding further studies. This paper aims to propose hierarchical models to assess the availability of SDNs. We incorporate various failure modes and recovery behaviors in the SDN including (i) link failu...
Conference Paper
The introduction of a Software-Defined Network (SDN) provides a better functionality and usability over the traditionally static networks. The SDN separates controllers and networking peripherals onto the Control and Data Planes respectively. However, this separation creates new vulnerabilities between the planes. To address this problem, we propos...
Conference Paper
Security of virtual network systems, such as Cloud computing systems, is important to users and administrators. One of the major issues with Cloud security is detecting intrusions to provide time-efficient and cost-effective countermeasures. Cyber-attacks involve series of exploiting vulnerabilities in virtual machines, which could potentially caus...
Article
Cyber crime is a developing concern, where criminals are targeting valuable assets and critical infrastructures within networked systems, causing a severe socio-economic impact on enterprises and individuals. Adopting Moving Target Defense (MTD) helps thwart cyber attacks by continuously changing the attack surface. There are numerous MTD technique...
Conference Paper
Full-text available
Moving Target Defense (MTD) changes the attack surface of a system that confuses intruders to thwart attacks. Various MTD techniques are developed to enhance the security of a networked system, but the effectiveness of these techniques is not well assessed. Security models (e.g., Attack Graphs (AGs)) provide formal methods of assessing security, bu...
Conference Paper
Computing a prioritized set of vulnerabilities to patch is important for system administrators to determine the order of vulnerabilities to be patched that are more critical to the network security. One way to assess and analyze security to find vulnerabilities to be patched is to use attack representation models (ARMs). However, security solutions...
Conference Paper
Attack representation models (ARMs) (such as attack graphs, attack trees) can be used to model and assess security of a networked system. To do this, one must generate an ARM. However, generation and evaluation of the ARM suffer from a scalability problem when the size of the networked system is very large (e.g., 10,000 computer hosts in the networ...
Conference Paper
Full-text available
Attack graphs (AGs) have been widely used for security analysis. The construction of the graph-based attack models including the AG have been studied, but the security evaluation considering the full attack paths cannot be computed using existing attack models due to the scalability problem. To solve this, we propose to use hierarchical attack repr...
Conference Paper
Automated construction methods of attack graphs (AGs) and their improved attack representation models (ARMs) have been proposed, but the AG has a state space explosion when analysing the security of very large sized networked systems. Instead, attack trees (ATs) and their improved ARMs can be used (e.g., Defense Trees, Protection Trees, Attack Resp...
Conference Paper
Network security can be analysed using attack representation models (ARMs) (e.g., Attack Graphs (AGs) and Attack Trees (ATs)). One can analyse the network security by computing all possible attack scenarios, but it suffers from a scalability problem. We propose centrality based network security analysis by ranking important hosts based on network c...
Article
Attack models can be used to assess network security. Purely graph based attack representation models (e.g., attack graphs) have a state-space explosion problem. Purely tree-based models (e.g., attack trees) cannot capture the path information explicitly. Moreover, the complex relationship between the host and the vulnerability information in attac...

Projects (2)
Project
Moving Target Defense (MTD)
Project
Research and Development on Graphical models, metrics, measurement for cybersecurity.