k-Zero Day Safety: Measuring the Security Risk of Networks against Unknown Attacks

The security risk of a network against unknown zero day attacks has been considered as something unmeasurable since software flaws are less predictable than hardware faults and the process of finding such flaws and developing exploits seems to be chaotic [10]. In this paper, we propose a novel security metric, k-zero day safety, based on the number of unknown zero day vulnerabilities. That is, the metric simply counts how many unknown vulnerabilities would be required for compromising a network asset, regardless of what vulnerabilities those might be. We formally define the metric based on an abstract model of networks and attacks. We then devise algorithms for computing the metric. Finally, we show the metric can quantify many existing practices in hardening a network.

[1]  T. Oyama,et al.  WORKSHOP I , 1997 .

[2]  Somesh Jha,et al.  Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[3]  Andrew Jaquith Security Metrics: Replacing Fear, Uncertainty, and Doubt , 2007 .

[4]  Sushil Jajodia,et al.  An Attack Graph-Based Probabilistic Security Metric , 2008, DBSec.

[5]  Felix C. Freiling,et al.  Measuring and Detecting Fast-Flux Service Networks , 2008, NDSS.

[6]  Sushil Jajodia,et al.  A weakest-adversary security metric for network configuration security analysis , 2006, QoP '06.

[7]  Chen Feng,et al.  A Flexible Approach to Measuring Network Security Using Attack Graphs , 2008, 2008 International Symposium on Electronic Commerce and Security.

[8]  Michael Howard,et al.  Measuring Relative Attack Surfaces , 2005 .

[9]  Sushil Jajodia,et al.  Minimum-cost network hardening using attack graphs , 2006, Comput. Commun..

[10]  Z. G. Ruthberg,et al.  Technology Assessment: Methods for Measuring the Level of Computer Security , 1985 .

[11]  Michael K. Reiter,et al.  Authentication metric analysis and design , 1999, TSEC.

[12]  Fabio Massacci,et al.  Proceedings of the 2nd ACM Workshop on Quality of Protection, QoP 2006, Alexandria, VA, USA, October 30, 2006 , 2006, QoP.

[13]  Marianne Swanson,et al.  Security metrics guide for information technology systems , 2003 .

[14]  Ira S. Moskowitz,et al.  Metrics for Trafic Analysis Prevention , 2003, Privacy Enhancing Technologies.

[15]  Mattia Monga,et al.  Assessing the risk of using vulnerable components , 2006, Quality of Protection.

[16]  Sushil Jajodia,et al.  Efficient minimum-cost network hardening via exploit dependency graphs , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..

[17]  Ketil Stølen,et al.  Proceedings of the 2007 ACM workshop on Quality of protection , 2007, CCS 2007.

[18]  Karl N. Levitt,et al.  NetKuang - A Multi-Host Configuration Vulnerability Checker , 1996, USENIX Security Symposium.

[19]  Simon N. Foley,et al.  Security risk management using internal controls , 2009, WISG '09.

[20]  Duminda Wijesekera,et al.  Scalable, graph-based network vulnerability analysis , 2002, CCS '02.

[21]  Cynthia A. Phillips,et al.  A graph-based system for network-vulnerability analysis , 1998, NSPW '98.

[22]  Miles McQueen,et al.  Measuring the attack surfaces of two FTP daemons , 2006, QoP '06.

[23]  Miguel Castro,et al.  Practical byzantine fault tolerance and proactive recovery , 2002, TOCS.

[24]  David John Leversage,et al.  Estimating a System's Mean Time-to-Compromise , 2008, IEEE Security & Privacy.

[25]  Sushil Jajodia,et al.  Measuring network security using dynamic bayesian network , 2008, QoP '08.

[26]  尚弘 島影 National Institute of Standards and Technologyにおける超伝導研究及び生活 , 2001 .

[27]  Jeannette M. Wing,et al.  Measuring a System's Attack Surface , 2004 .

[28]  Marc Dacier,et al.  Quantitative Assessment of Operational Security: Models and Tools * , 1996 .

[29]  Paul Ammann,et al.  Using model checking to analyze network vulnerabilities , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[30]  Karen Scarfone,et al.  Common Vulnerability Scoring System , 2006, IEEE Security & Privacy.

[31]  Pierangela Samarati,et al.  Protecting Respondents' Identities in Microdata Release , 2001, IEEE Trans. Knowl. Data Eng..

[32]  Eugene H. Spafford,et al.  The COPS Security Checker System , 1990, USENIX Summer.

[33]  May R. Chaffin,et al.  Empirical Estimates and Observations of 0Day Vulnerabilities , 2009, 2009 42nd Hawaii International Conference on System Sciences.

[34]  Thomas Beth,et al.  Valuation of Trust in Open Networks , 1994, ESORICS.

[35]  Sushil Jajodia,et al.  Measuring the Overall Security of Network Configurations Using Attack Graphs , 2007, DBSec.

[36]  John McHugh Quality of protection: measuring the unmeasurable? , 2006, QoP '06.

[37]  Edsger W. Dijkstra,et al.  A note on two problems in connexion with graphs , 1959, Numerische Mathematik.

[38]  Michael K. Reiter,et al.  Toward acceptable metrics of authentication , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[39]  J. K. Hunter,et al.  Measure Theory , 2007 .

[40]  Debra Herrmann,et al.  Complete Guide to Security and Privacy Metrics , 2007 .

[41]  Bart De Decker,et al.  A Privacy-Preserving Ticketing System , 2008, DBSec.

[42]  Rodolphe Ortalo,et al.  Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security , 1999, IEEE Trans. Software Eng..

[43]  Daniel J. Ryan,et al.  Performance Metrics for Information Security Risk Management , 2008, IEEE Security & Privacy.

[44]  Dong Xiang,et al.  Information-theoretic measures for anomaly detection , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[45]  Boris Skoric,et al.  Towards an Information-Theoretic Framework for Analyzing Intrusion Detection Systems , 2006, ESORICS.

[46]  Cynthia A. Phillips,et al.  Computer-attack graph generation tool , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[47]  Jeannette M. Wing,et al.  An Attack Surface Metric , 2011, IEEE Transactions on Software Engineering.

[48]  Richard Lippmann,et al.  Modeling Modern Network Attacks and Countermeasures Using Attack Graphs , 2009, 2009 Annual Computer Security Applications Conference.

[49]  Scott Shenker,et al.  Diverse Replication for Single-Machine Byzantine-Fault Tolerance , 2008, USENIX Annual Technical Conference.