2017 | OriginalPaper | Book chapter

A Suite of Metrics for Network Attack Graph Analytics

Written by: Steven Noel, Sushil Jajodia

Published in: Network Security Metrics

Publisher: Springer International Publishing

Abstract

This chapter describes a suite of metrics for measuring enterprise-wide cybersecurity risk based on a model of multi-step attack vulnerability (attack graphs). The attack graphs are computed through topological vulnerability analysis, which considers the interactions of network topology, firewall effects, and host vulnerabilities. Our metrics are normalized so that metric values can be compared meaningfully across enterprises. To support evaluations at higher levels of abstraction, we define family groups of related metrics, combining individual scores into family scores, and combining family scores into an overall enterprise network score. The Victimization metrics family measures key attributes of inherent risk (existence, exploitability, and impact) over all network vulnerabilities. The Size family is an indication of the relative size of the vulnerability attack graph. The Containment family measures risk in terms of minimizing vulnerability exposure across security protection boundaries. The Topology family measures risk through graph theoretic properties (connectivity, cycles, and depth) of the attack graph. We display these metrics (at the individual, family, and overall levels) in interactive visualizations, showing multiple metrics trends over time.

Metadata
Title
A Suite of Metrics for Network Attack Graph Analytics
Written by
Steven Noel
Sushil Jajodia
Copyright year
2017
DOI
https://doi.org/10.1007/978-3-319-66505-4_7
