DeepAI AI Chat
Log In Sign Up

Composite Metrics for Network Security Analysis

07/07/2020
by   Simon Yusuf Enoch, et al.
University of Canterbury
0

Security metrics present the security level of a system or a network in both qualitative and quantitative ways. In general, security metrics are used to assess the security level of a system and to achieve security goals. There are a lot of security metrics for security analysis, but there is no systematic classification of security metrics that are based on network reachability information. To address this, we propose a systematic classification of existing security metrics based on network reachability information. Mainly, we classify the security metrics into host-based and network-based metrics. The host-based metrics are classified into metrics “without probability" and "with probability", while the network-based metrics are classified into "path-based" and "non-path based". Finally, we present and describe an approach to develop composite security metrics and it's calculations using a Hierarchical Attack Representation Model (HARM) via an example network. Our novel classification of security metrics provides a new methodology to assess the security of a system.

READ FULL TEXT

page 1

page 2

page 3

page 4

12/10/2021

How to Quantify the Security Level of Embedded Systems? A Taxonomy of Security Metrics

Embedded Systems (ES) development has been historically focused on funct...
01/08/2015

Quantifying Scripts: Defining metrics of characters for quantitative and descriptive analysis

Analysis of scripts plays an important role in paleography and in quanti...
10/11/2019

Contextualising and Aligning Security Metrics and Business Objectives: a GQM-based Methodology

Pre-defined security metrics suffer from the problem of contextualisatio...
02/14/2023

Security Reputation Metrics

Security reputation metrics (aka. security metrics) quantify the securit...
05/18/2021

Model-based Cybersecurity Analysis: Past Work and Future Directions

Model-based evaluation in cybersecurity has a long history. Attack Graph...
03/05/2014

A Taxonomy for Attack Patterns on Information Flows in Component-Based Operating Systems

We present a taxonomy and an algebra for attack patterns on component-ba...
11/26/2022

Quantitative Method for Security Situation of the Power Information Network Based on the Evolutionary Neural Network

Cybersecurity is the security cornerstone of digital transformation of t...