Title :
Application of Security Metrics in Auditing Computer Network Security: A Case Study
Author :
Premaratne, Upeka ; Samarabandu, Jagath ; Sidhu, Tarlochan ; Beresh, Bob ; Tan, Jian-Cheng
Author_Institution :
Dept. of Electr. & Comput. Eng., Univ. of Western Ontario, London, ON
Abstract :
This paper presents a case study of the application of security metrics to a computer network. A detailed survey is conducted on existing security metric schemes. The Mean Time to Compromise (MTTC) metric and VEA-bility metric are selected for this study. The input data for both metrics are obtained from a network security tool. The results are used to determine the security level of the network using the two metrics. The feasibility and convenience of using both metrics are then compared.
Keywords :
computer networks; telecommunication security; VEA-bility metric; computer network security metrics; mean time to compromise metric; Application software; Computer networks; Computer security; Context modeling; Cost benefit analysis; Data security; Design methodology; Information security; Privacy; Storage area networks; Common Vulnerability Scoring System; Computer Network Security; Computer Network Security Auditing; Information Security; Information Security Auditing; Information Security Metrics; Mean Time to Compromise; VEA-bility Score;
Conference_Titel :
Information and Automation for Sustainability, 2008. ICIAFS 2008. 4th International Conference on
Conference_Location :
Colombo
Print_ISBN :
978-1-4244-2899-1
Electronic_ISBN :
978-1-4244-2900-4
DOI :
10.1109/ICIAFS.2008.4783996
