论文信息 - Metrics suite for network attack graph analytics

Metrics suite for network attack graph analytics

We describe a suite of metrics for measuring network-wide cyber security risk based on a model of multi-step attack vulnerability (attack graphs). Our metrics are grouped into families, with family-level metrics combined into an overall metric for network vulnerability risk. The Victimization family measures risk in terms of key attributes of risk across all known network vulnerabilities. The Size family is an indication of the relative size of the attack graph. The Containment family measures risk in terms of minimizing vulnerability exposure across protection boundaries. The Topology family measures risk through graph theoretic properties (connectivity, cycles, and depth) of the attack graph. We display these metrics (at the individual, family, and overall levels) in interactive visualizations, showing multiple metrics trends over time.

Sushil Jajodia | Steven Noel

[1] Sushil Jajodia,et al. Measuring Security Risk of Networks Using Attack Graphs , 2010, Int. J. Next Gener. Comput..

[2] Marianne Swanson,et al. Security metrics guide for information technology systems , 2003 .

[3] Sushil Jajodia,et al. A weakest-adversary security metric for network configuration security analysis , 2006, QoP '06.

[4] Sushil Jajodia,et al. Cauldron mission-centric cyber situational awareness with defense in depth , 2011, 2011 - MILCOM 2011 Military Communications Conference.

[5] Sushil Jajodia,et al. k-Zero Day Safety: A Network Security Metric for Measuring the Risk of Unknown Vulnerabilities , 2014, IEEE Transactions on Dependable and Secure Computing.

[6] R. Cunningham,et al. Validating and Restoring Defense in Depth Using Attack Graphs , 2006, MILCOM 2006 - 2006 IEEE Military Communications conference.

[7] Vilhelm Verendel,et al. Quantified security is a weak hypothesis: a critical survey of results and assumptions , 2009, NSPW '09.