A Near Real-Time System for Security Assurance Assessment

Author

Pham, Nguyen ; Baud, Loic ; Bellot, Patrick ; Riguidel, Michel

Author_Institution

Comput. Sci. & Networking Dept., Inst. TELECOM, Paris

fYear

2008

fDate

June 29 2008-July 5 2008

Firstpage

152

Lastpage

160

Abstract

Building systems that are guaranteed to be secure or to remain secure over time is still an unachievable goal. The need for a tool that helps to determine security assurance level of a system is therefore vital in order to maintain and improve overall security. This paper introduces our system to assess the overall security assurance of a large, networked, IT-driven system in terms of a dedicated evaluation infrastructure based on multi-agent technology. We use attack graph approach to compute an attackability metric value and define other metrics for anomaly detection to assess both the static and dynamic visions of the system under study. The implemented software system is described, and the examples of experiments for evaluating of network component, sub network and network security assurance levels are considered.

Keywords

multi-agent systems; security of data; IT-driven system; anomaly detection; attack graph approach; attackability metric value; multiagent technology; near real-time system; security assurance assessment; Classification tree analysis; Computer science; Computer security; Computerized monitoring; IP networks; ISO standards; Information security; Protection; Real time systems; Telecommunications; security assrance evaluation; security assurance; security assurance assessment;

fLanguage

English

Publisher

ieee

Conference_Titel

Internet Monitoring and Protection, 2008. ICIMP '08. The Third International Conference on

Conference_Location

Bucharest

Print_ISBN

978-0-7695-3189-2

Electronic_ISBN

978-0-7695-3189-2

Type

conf

DOI

10.1109/ICIMP.2008.28

Filename

4561341