Title :
Objective metrics for firewall security: A holistic view
Author :
Alsaleh, Mohammed Noraden ; Al-Haj, Saeed ; Al-Shaer, Ehab
Author_Institution :
Dept. of Software & Inf. Syst., Univ. of North Carolina Charlotte, Charlotte, NC, USA
Abstract :
Firewalls are the primary security devices in cyber defense. Yet, the security of firewalls depends on the quality of protection provided by the firewall policy. The lack of metrics and attack incident data makes measuring the security of firewall policies a challenging task. In this paper, we present a new set of quantitative metrics that can be used to measure, as well as, compare the security level of firewall policies in an enterprise network. The proposed metrics measure the risk of attacks on the network that is imposed due to weaknesses in the firewall policy. We also measure the feasibility of mitigating or removing that risk. The presented metrics are proven to be (1) valid as compared with the ground truth, and (2) practically useful as each one implies actionable security hardening.
Keywords :
data protection; firewalls; organisational aspects; attack incident data; attack risk measurement; cyber defense; enterprise network; firewall policy security level; firewall policy security measurement; objective metrics; protection quality; quantitative metrics; security devices; Grippers; IP networks; Indexes; Measurement; Ports (Computers); Risk management; Security;
Conference_Titel :
Communications and Network Security (CNS), 2013 IEEE Conference on
Conference_Location :
National Harbor, MD
DOI :
10.1109/CNS.2013.6682762
