• DocumentCode
    2742367
  • Title

    Application of Security Metrics in Auditing Computer Network Security: A Case Study

  • Author

    Premaratne, Upeka ; Samarabandu, Jagath ; Sidhu, Tarlochan ; Beresh, Bob ; Tan, Jian-Cheng

  • Author_Institution
    Dept. of Electr. & Comput. Eng., Univ. of Western Ontario, London, ON
  • fYear
    2008
  • fDate
    12-14 Dec. 2008
  • Firstpage
    200
  • Lastpage
    205
  • Abstract
    This paper presents a case study of the application of security metrics to a computer network. A detailed survey is conducted on existing security metric schemes. The Mean Time to Compromise (MTTC) metric and VEA-bility metric are selected for this study. The input data for both metrics are obtained from a network security tool. The results are used to determine the security level of the network using the two metrics. The feasibility and convenience of using both metrics are then compared.
  • Keywords
    computer networks; telecommunication security; VEA-bility metric; computer network security metrics; mean time to compromise metric; Application software; Computer networks; Computer security; Context modeling; Cost benefit analysis; Data security; Design methodology; Information security; Privacy; Storage area networks; Common Vulnerability Scoring System; Computer Network Security; Computer Network Security Auditing; Information Security; Information Security Auditing; Information Security Metrics; Mean Time to Compromise; VEA-bility Score;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information and Automation for Sustainability, 2008. ICIAFS 2008. 4th International Conference on
  • Conference_Location
    Colombo
  • Print_ISBN
    978-1-4244-2899-1
  • Electronic_ISBN
    978-1-4244-2900-4
  • Type

    conf

  • DOI
    10.1109/ICIAFS.2008.4783996
  • Filename
    4783996
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2742367