City Research Online - Detecting Open Banking API Security Threats Using Bayesian Attack Graphs

Detecting Open Banking API Security Threats Using Bayesian Attack Graphs

Behbehani, D., Rajarajan, M. ORCID: 0000-0001-5814-9922, Komninos, N. ORCID: 0000-0003-2776-1283 & Al-Begain, K. (2023). Detecting Open Banking API Security Threats Using Bayesian Attack Graphs. In: 2022 14th International Conference on Computational Intelligence and Communication Networks (CICN). 2022 14th International Conference on Computational Intelligence and Communication Networks (CICN), 4-6 Dec 2022, Online. doi: 10.1109/cicn56167.2022.10008365

Abstract

Particularly amid Covid-19, enterprises' digital transformation has rapidly accelerated, making cybersecurity an even bigger challenge. Financial institutions adopt FinTech technologies to advance their service and achieve an enhanced customer experience that creates a competitive edge in the market. FinTech products utilise open banking API services to allow communication between a financial institution and a FinTech provider. However, such an integration introduces significant security concerns. Therefore, financial firms must ensure that a robust API service to protect the bank's infrastructure and its customers' information. To address this concern, we propose a Framework for Open Banking API security that utilises STRIDE model to identify security threats in FinTech integration via Open Banking API and Bayesian Attack Graphs to automate predictions of the most exploitable attack paths.

Publication Type:	Conference or Workshop Item (Paper)
Publisher Keywords:	Open Banking API, STRIDE, Risk Assessment, Threat Assessment
Subjects:	H Social Sciences > HF Commerce Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Departments:	School of Science & Technology School of Science & Technology > Computer Science School of Science & Technology > Engineering
SWORD Depositor:	Symplectic Administrator

[thumbnail of Detecting_Open_Banking_API_Security_Threats_Using_Bayesian_Attack_Graphs___Conference_Paper___Revised.pdf]

Preview

Text - Accepted Version
Available under License Creative Commons: Attribution International Public License 4.0.
Download (1MB) | Preview

Official URL: https://doi.org/10.1109/cicn56167.2022.10008365

Export

Downloads

Downloads per month over past year

View more statistics

Metadata

Altmetric

CORE (COnnecting REpositories)

Actions (login required)

Admin Login

Creators:	Behbehani, D. Rajarajan, M. ORCID: 0000-0001-5814-9922 Komninos, N. ORCID: 0000-0003-2776-1283 Al-Begain, K.
Event Title:	2022 14th International Conference on Computational Intelligence and Communication Networks (CICN)
Event Type:	Conference
Event Location:	Online
Event Dates:	4-6 Dec 2022
Status:	Published
Refereed:	Yes
Journal or Publication Title:	2022 14th International Conference on Computational Intelligence and Communication Networks (CICN)
Publisher:	IEEE
ISSN:	2375-8244
e-ISSN:	2472-7555
URI:	https://openaccess.city.ac.uk/id/eprint/35202
Date available in CRO:	19 May 2025 09:28
Date deposited:	16 May 2025
Dates:	Date Event 13 January 2023 Published 13 January 2023 Published Online