A Bayesian Network-Based Framework for Cyber Risk Assessment and Asset Prioritization
DOI:
https://doi.org/10.47392/IRJAEM.2026.0081Keywords:
Bayesian Network, Cyber Risk Assessment, Asset Prioritization, Probabilistic Inference, Threat IntelligenceAbstract
Modern organizations face continuously evolving cyber threats, while traditional risk assessment approaches rely on static vulnerability scoring and fail to capture uncertainty and attacker behavior. This work proposes a Bayesian Network-based cyber risk assessment framework that dynamically evaluates and prioritizes enterprise assets based on compromise likelihood. The system models dependency relationships between threat likelihood, vulnerability severity, and exploit success probability using conditional probability inference. Security data is processed into probabilistic variables and posterior risk values are computed to rank assets into high, medium, and low risk categories. Unlike conventional scoring models, the proposed framework continuously updates risk when new evidence appears, enabling predictive defense prioritization. Experimental evaluation demonstrates improved contextual risk identification and effective prioritization of critical assets. The proposed approach provides a scalable and interpretable decision-support mechanism suitable for enterprise cybersecurity operations.
Downloads
Downloads
Published
Issue
Section
License
Copyright (c) 2026 International Research Journal on Advanced Engineering and Management (IRJAEM)
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
. 