Title :
A Unified Framework for Measuring a Network´s Mean Time-to-Compromise
Author :
Nzoukou, William ; Lingyu Wang ; Jajodia, Sushil ; Singhal, Achintya
Author_Institution :
Concordia Inst. for Inf. Syst. Eng., Concordia Univ., Montreal, QC, Canada
fDate :
Sept. 30 2013-Oct. 3 2013
Abstract :
Measuring the mean time-to-compromise provides important insights for understanding a network´s weaknesses and for guiding corresponding defense approaches. Most existing network security metrics only deal with the threats of known vulnerabilities and cannot handle zero day attacks with consistent semantics. In this paper, we propose a unified framework for measuring a network´s mean time-to-compromise by considering both known, and zero day attacks. Specifically, we first devise models of the mean time for discovering and exploiting individual vulnerabilities. Unlike existing approaches, we replace the generic state transition model with a more vulnerability-specific graphical model. We then employ Bayesian networks to derive the overall mean time-to-compromise by aggregating the results of individual vulnerabilities. Finally, we demonstrate the framework´s practical application to network hardening through case studies.
Keywords :
Bayes methods; computer network reliability; computer network security; network theory (graphs); Bayesian networks; known attacks; network hardening; network mean time-to-compromise; network security metrics; network weaknesses; vulnerability-specic graphical model; zero day attacks; Bayes methods; Knowledge engineering; Measurement; Safety; Security; Semantics; Security metrics; mean time to compromise; network security;
Conference_Titel :
Reliable Distributed Systems (SRDS), 2013 IEEE 32nd International Symposium on
Conference_Location :
Braga
DOI :
10.1109/SRDS.2013.30
