skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Application of Rank-Weight Methods to Blockchain Cybersecurity Vulnerability Assessment Framework

Abstract

Cybersecurity vulnerability assessment tools, frameworks, and methodologies are used to understand the cybersecurity maturity of a system or a facility. However, these tools are strictly developed based on standards defined by organizations such as the National Institute of Standards and Technology (NIST) and the U.S. Department of Energy; the majority of these tools and frameworks do not provide a platform to prioritize the requirements to reach a desired cybersecurity maturity. To address that challenge, we have been developing a framework and software application called cybersecurity vulnerability mitigation framework through empirical paradigm (CyFEr). CyFEr treats the problem at hand as a multi-criteria decision analysis (MCDA) problem, which requires that various criteria be weighed relatively. Defining those weights is non-trivial and often leads to subjective decisions leading to undesired complications. To facilitate such a weighting system in CyFEr, we evaluated the application of various rank-weight methods (such as rank sum, reciprocal rank, rank exponent, and rank order centroid). The efficacy of those rank-weight methods was evaluated by applying them and testing against the blockchain cybersecurity framework (BC2F). BC2F was developed using the NIST cybersecurity framework to evaluate the cybersecurity posture of the blockchain nodes and networks in a given blockchain application ormore » use-case. This paper provides 1) technical insights on the application of rank-weight methods to cybersecurity vulnerability assessments, 2) an overview of BC2F, 3) the application of rank-weight methods to BC2F, and 4) a depiction of the integration of the discussed rank-weight methods in CyFEr.« less

Authors:
ORCiD logo [1];  [1];  [2]
  1. BATTELLE (PACIFIC NW LAB)
  2. University of Arkansas at Little Rock
Publication Date:
Research Org.:
Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1525865
Report Number(s):
PNNL-SA-143718
DOE Contract Number:  
AC05-76RL01830
Resource Type:
Conference
Resource Relation:
Conference: IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC 2019), January 7-9, 2019, Las Vegas, NV
Country of Publication:
United States
Language:
English

Citation Formats

Gourisetti, Sri Nikhil G., Mylrea, Michael E., and Patangia, Hirak. Application of Rank-Weight Methods to Blockchain Cybersecurity Vulnerability Assessment Framework. United States: N. p., 2019. Web. doi:10.1109/CCWC.2019.8666518.
Gourisetti, Sri Nikhil G., Mylrea, Michael E., & Patangia, Hirak. Application of Rank-Weight Methods to Blockchain Cybersecurity Vulnerability Assessment Framework. United States. doi:10.1109/CCWC.2019.8666518.
Gourisetti, Sri Nikhil G., Mylrea, Michael E., and Patangia, Hirak. Thu . "Application of Rank-Weight Methods to Blockchain Cybersecurity Vulnerability Assessment Framework". United States. doi:10.1109/CCWC.2019.8666518.
@article{osti_1525865,
title = {Application of Rank-Weight Methods to Blockchain Cybersecurity Vulnerability Assessment Framework},
author = {Gourisetti, Sri Nikhil G. and Mylrea, Michael E. and Patangia, Hirak},
abstractNote = {Cybersecurity vulnerability assessment tools, frameworks, and methodologies are used to understand the cybersecurity maturity of a system or a facility. However, these tools are strictly developed based on standards defined by organizations such as the National Institute of Standards and Technology (NIST) and the U.S. Department of Energy; the majority of these tools and frameworks do not provide a platform to prioritize the requirements to reach a desired cybersecurity maturity. To address that challenge, we have been developing a framework and software application called cybersecurity vulnerability mitigation framework through empirical paradigm (CyFEr). CyFEr treats the problem at hand as a multi-criteria decision analysis (MCDA) problem, which requires that various criteria be weighed relatively. Defining those weights is non-trivial and often leads to subjective decisions leading to undesired complications. To facilitate such a weighting system in CyFEr, we evaluated the application of various rank-weight methods (such as rank sum, reciprocal rank, rank exponent, and rank order centroid). The efficacy of those rank-weight methods was evaluated by applying them and testing against the blockchain cybersecurity framework (BC2F). BC2F was developed using the NIST cybersecurity framework to evaluate the cybersecurity posture of the blockchain nodes and networks in a given blockchain application or use-case. This paper provides 1) technical insights on the application of rank-weight methods to cybersecurity vulnerability assessments, 2) an overview of BC2F, 3) the application of rank-weight methods to BC2F, and 4) a depiction of the integration of the discussed rank-weight methods in CyFEr.},
doi = {10.1109/CCWC.2019.8666518},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2019},
month = {1}
}

Conference:
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

Save / Share: