Corpus ID: 31436029

A New Approach to Quantify Network Security by Ranking of Security Metrics and Considering Their Relationships

@article{Behi2018ANA,
  title={A New Approach to Quantify Network Security by Ranking of Security Metrics and Considering Their Relationships},
  author={Mostafa Behi and Mohammad Ghasemigol and Hamed Vahdat-Nejad},
  journal={Int. J. Netw. Secur.},
  year={2018},
  volume={20},
  pages={141-148}
}
There are several characteristics in computer networks, which play important roles in determining the level of network security. These characteristics known as security metrics can be applied for security quantification in computer networks. Most of the researches on this area has focused on defining the new security metrics to improve the quantification process. In this paper, we present a new approach to analyze and quantify the network security by ranking of security metrics with considering… Expand
Network Security Metrics: Vital Ingredients for Measuring Networks Security
  • Naveen Bindra, M. Sood
  • Computer Science
  • 2018 Fifth International Conference on Parallel, Distributed and Grid Computing (PDGC)
  • 2018
TLDR
This work aims to combine the strengths of best practices in developing efficient heuristics that accurately and inclusively assess the network security by proposing four classes of network security metrics along with a simple methodology to develop the simple, effective and viable security metrics. Expand
Security Metric Methods for Network Multistep Attacks Using AMC and Big Data Correlation Analysis
TLDR
This paper employs absorbing Markov chain (AMC) to estimate the network security combining with the technique of big data correlation analysis, and constructs the model of AMC using a large amount of alert data to describe the scenario of multistep attacks in the real world. Expand
New Insights into Approaches to Evaluating Intention and Path for Network Multistep Attacks
TLDR
The stochastic mathematical model called absorbing Markov chain (AMC) is applied over the AG to give some new insights, namely, the expected success probability of attack intention (EAIP) and the expected attack path length (EAPL). Expand
Prioritizing CWE/SANS and OWASP Vulnerabilities: A Network-Based Model
TLDR
The weaknesses that have been defined by the CWE/SANS and OWASP, which are considered as the most trusted and accredited cyber-security organizations, are analyzed and centrality measurements can play a significant role and can be considered as a powerful tool in improving CWSS in terms of accuracy. Expand
A Security Quantification Method for Mimic Defense Architecture
The model of security assessment of the mimic defense architecture has been developing continuously since it was proposed, but it is not perfect to analyze the complex architecture quantitativelyExpand
Security Governance as a Service on the Cloud
  • C. Bryce
  • Computer Science, Business
  • 2018 IEEE/ACM International Conference on Utility and Cloud Computing Companion (UCC Companion)
  • 2018
TLDR
The increasing number of security attacks is placing organizations in difficulty, especially SMEs, and an emerging possibility is for security and compliance to be provided as a cloud service that SMEs can connect their IT infrastructure to. Expand
A Network Flow Correlation Method Based on Chaos Theory and Principal Component Analysis
TLDR
A novel flow correlation scheme based on Chaos Theory and Principal Component Analysis is proposed that can resist packet insertions, network jitter and losses. Expand
Implementing DMZ in Improving Network Security of Web Testing in STMIK AKBA
TLDR
It is shown that the aplication of DeMilitarized Zone Method on microtic can secure the web testing on Siakad server of STMIK AKBA and can maintain the whole series of online services that are available in the server. Expand
Provisioning Cybersecurity in ICT Complex Supply Chains: An Overview, Key Issues and a Relevant Architecture
The specific demands inherent to supply chains built upon large IoT systems, make a must the design of a coordinated framework for cyber resilience provisioning intended to guaranteeing trustedExpand
Cybersecurity in ICT Supply Chains: Key Challenges and a Relevant Architecture
TLDR
This paper presents FISHY as a preliminary architecture that is designed to orchestrate existing and beyond state-of-the-art security appliances in composed ICT scenarios, which leverages the capabilities of programmable networks and IT infrastructure through seamless orchestration and instantiation of novel security services, both in real-time and proactively. Expand
...
1
2
...

References

SHOWING 1-10 OF 27 REFERENCES
A Novel Quantitative Approach For Measuring Network Security
TLDR
This paper proposes a novel security metric framework that identifies and quantifies objectively the most significant security risk factors, which include existing vulnerabilities, historical trend of vulnerability of the remotely accessible services, prediction of potential vulnerabilities for any general network service and their estimated severity and finally policy resistance to attack propagation within the network. Expand
Decision centric identification and rank ordering of security metrics
TLDR
This paper takes a theoretically rigorous approach to quantifying the effect each of the individual attributes of the network has on the network by using ideas from probability and decision theory and can come up with critical coefficients which must be maintained by the administrator if the network is to remain secure to external threats. Expand
An Approach for Security Assessment of Network Configurations Using Attack Graph
TLDR
Two security metrics, namely probabilistic security metric and attack resistance metric, have been employed to evaluate the relative security levels of various network configurations and a case study has been presented to demonstrate the applicability of the proposed approach. Expand
An attack graph based network security evaluation model for hierarchical network
TLDR
To evaluate the security situation of hierarchical network, a novel evaluation algorithm based on the method of constructing a security risk function is proposed, the aggregation of qualitative evaluation and quantitative evaluation is proposed. Expand
An Attack Graph-Based Probabilistic Security Metric
TLDR
This paper proposes an attack graph-based probabilistic metric for network security and studies its efficient computation, and defines and proposes heuristics to improve the efficiency of such computation. Expand
Using the vulnerability information of computer systems to improve the network security
TLDR
This paper introduces a method to improve the network security, which consists of the network management, the vulnerability scan, the risk assessment, the access control, and the incident notification. Expand
VEA-bility Security Metric: A Network Security Analysis Tool
TLDR
It is concluded that the VEA-bility can be used to accurately estimate the comparative desirability of a specific network configuration, which can then be use to explore alternate possible configurations and allows an administrator to select one among the given options. Expand
A Guide to Security Metrics
TLDR
In the face of regular, high-profile news reports of serious security breaches, security managers are increasingly becoming a focal point not only for investment, but also for scrutiny of return on that investment. Expand
Taxonomy of intrusion risk assessment and response system
TLDR
A taxonomy of Intrusion Response Systems (IRS) and Intrusions Risk Assessment (IRA), two important components of an intrusion detection solution, is presented by classifying a number of studies published during the last two decades. Expand
Security Metrics: Replacing Fear, Uncertainty, and Doubt
The Definitive Guide to Quantifying, Classifying, and Measuring Enterprise IT Security OperationsSecurity Metrics is the first comprehensive best-practice guide to defining, creating, and utilizingExpand
...
1
2
3
...