Published: August 18, 2011
Author(s)
Su Zhang, Xinming Ou, Anoop Singhal, John Homer
Conference
Name: 2011 International Conference on Security & Management (SAM 2011), WORLDCOMP'11
Dates: 07/18/2011 - 07/21/2011
Location: Las Vegas, Nevada, United States
Citation: SAM'11, the 2011 International Conference on Security and Management, pp. 562-568
Quantifying security risk is an important and yet difficult task in enterprise network risk management, critical for proactive mission assurance. Even though metrics exist for individual vulnerabilities, there is currently no standard way of aggregating such metrics. We developed a quantitative model that can be used to aggregate vulnerability metrics in an enterprise network, with a sound computation model. Our model produces quantitative metrics that measure the likelihood that breaches can occur within a given network configuration, taking into consideration the effects of all possible interplays between vulnerabilities. In order to validate the effectiveness scalability and accuracy) of this approach to realistic networks, we present the empirical study results of the approach on a number of system configurations. We use a real network as the test bed to demonstrate the utility of the approach, showing that the sound computation model is crucial for interpreting the metric result.
Quantifying security risk is an important and yet difficult task in enterprise network risk management, critical for proactive mission assurance. Even though metrics exist for individual vulnerabilities, there is currently no standard way of aggregating such metrics. We developed a quantitative...
See full abstract
Quantifying security risk is an important and yet difficult task in enterprise network risk management, critical for proactive mission assurance. Even though metrics exist for individual vulnerabilities, there is currently no standard way of aggregating such metrics. We developed a quantitative model that can be used to aggregate vulnerability metrics in an enterprise network, with a sound computation model. Our model produces quantitative metrics that measure the likelihood that breaches can occur within a given network configuration, taking into consideration the effects of all possible interplays between vulnerabilities. In order to validate the effectiveness scalability and accuracy) of this approach to realistic networks, we present the empirical study results of the approach on a number of system configurations. We use a real network as the test bed to demonstrate the utility of the approach, showing that the sound computation model is crucial for interpreting the metric result.
Hide full abstract
Keywords
attack detection; attack graphs; computer networks; security risk
Control Families
None selected