Evaluation of Computer Network Security based on Attack Graphs and Security Event Processing
نویسندگان
چکیده
The paper is devoted to the security assessment problem. Authors suggest an approach to the security assessment based on the attack graphs that can be implemented in contemporary Security Information and Event Management (SIEM) systems. Key feature of the approach consists in the application of the developed security metrics system based on the differentiation of the input data for the metrics calculations. Input data includes, among others, current events from the SIEM system. Proposed metrics form the basis for security awareness and reflect current security situation, including development of attacks, attacks sources and targets, attackers’ characteristics. The suggested technique is demonstrated on a case study.
منابع مشابه
Fast Network Attack Modeling and Security Evaluation based on Attack Graphs
The paper suggests an approach to network attack modeling and security evaluation which is realized in advanced Security Information and Event Management (SIEM) systems. It is based on modeling of computer network and malefactors’ behaviors, building attack graphs, processing current alerts for real-time adjusting of particular attack graphs, calculating different security metrics and providing...
متن کاملQuantitative evaluation of software security: an approach based on UML/SecAM and evidence theory
Quantitative and model-based prediction of security in the architecture design stage facilitates early detection of design faults hence reducing modification costs in subsequent stages of software life cycle. However, an important question arises with respect to the accuracy of input parameters. In practice, security parameters can rarely be estimated accurately due to the lack of sufficient kn...
متن کاملUnauthenticated event detection in wireless sensor networks using sensors co-coverage
Wireless Sensor Networks (WSNs) offer inherent packet redundancy since each point within the network area is covered by more than one sensor node. This phenomenon, which is known as sensors co-coverage, is used in this paper to detect unauthenticated events. Unauthenticated event broadcasting in a WSN imposes network congestion, worsens the packet loss rate, and increases the network energy con...
متن کاملAttack Graph Based Evaluation of Network Security
The perspective directions in evaluating network security are simulating possible malefactor’s actions, building the representation of these actions as attack graphs (trees, nets), the subsequent checking of various properties of these graphs, and determining security metrics which can explain possible ways to increase security level. The paper suggests a new approach to security evaluation bas...
متن کاملAnalyzing Network Security using Malefactor Action Graphs
The approach to network security analysis is suggested. It is based on simulation of malefactor’s behavior, generating attack graph and calculating different security metrics. The graph represents all possible attack scenarios taking into account network configuration, security policy, malefactor’s location, knowledge level and strategy. The security metrics describe computer network security a...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- JoWUA
دوره 5 شماره
صفحات -
تاریخ انتشار 2014