Evaluation of computer network security based on attack graphs and security event processing

Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications

Volumn 5, Issue 3, 2014, Pages 14-29

  Kotenko, Igor ^a,b   Doynikova, Elena ^a  

^a ST PETERSBURG INSTITUTE FOR INFORMATICS AND AUTOMATION   (Russian Federation)

^b ITMO UNIVERSITY   (Russian Federation)

Author keywords

Attack graphs; Cyber situational awareness; Security incidents; Security metrics; Security metrics taxonomy; SIEM systems

Indexed keywords

EID: 84907261113     PISSN: 20935374     EISSN: 20935382     Source Type: Journal    
DOI: None     Document Type: Article

References (25)

1. I. Kotenko and E. Doynikova, “Security assessment of computer networks based on attack graphs and security events,” in Proc. of the 2nd IFIP TC5/8 International Conference (ICT-EurAsia’14), Bali, Indonesia, LNCS, vol. 8047. Springer-Verlag, April 2014, pp. 462-471.
2. I. Kotenko and A. Chechulin, “Attack modeling and security evaluation in SIEM systems,” International Transactions on Systems Science and Applications, vol. 8, pp. 129-147, December 2013.
3. I. Kotenko, I. Saenko, O. Polubelova, and E. Doynikova, “The ontology of metrics for security evaluation and decision support in SIEM systems,” in Proc. of the 8th International Conference on Availability, Reliability and Security (ARES’13), Regensburg, Germany. IEEE, September 2013, pp. 638-645.
4. M. S. Ahmed, E. Al-Shaer, and L. Khan, “A novel quantitative approach for measuring network security,” in Proc. of The 27th IEEE Conference on Computer Communications (INFOCOM’08), Phoenix, Arizona, USA. IEEE, April 2008, pp. 1957-1965.
5. C. W. Axelrod, “Accounting for value and uncertainty in security metrics,” Information Systems Control Journal, vol. 6, pp. 1-6, 2008.
6. B. A. Blakely, “Cyberprints identifying cyber attackers by feature analysis,” Ph.D. dissertation, Iowa State University, 2012.
7. R. Dantu, P. Kolan, and J. Cangussu, “Network risk management using attacker profiling,” Security and Communication Networks, vol. 2, no. 1, pp. 83-96, 2009.
8. N. Idika, “Characterizing and aggregating attack graph-based security metric,” Ph.D. dissertation, Purdue University, 2010.
9. “The CIS security metrics,” The Center for Internet Security, 2009.
10. R. Henning and et al., “Security metrics,” in Proc. of the Workshop on Information Security System, Scoring and Ranking. Williamsburg, Virginia: MITRE, 2001.
11. R. Vaughn, R. Henning, and A. Siraj, “Information assurance measures and metrics: State of practice and proposed taxonomy,” January 2003.
12. M. Swanson, N. Bartol, J. Sabato, J. Hash, and L. Graffo, “Security metrics guide for information technology systems,” NIST Special Publication 800-55, Tech. Rep., July 2003.
13. N. Seddigh, P. Pieda, A. Matrawy, B. Nandy, I. Lambadaris, and A. Hatfield, “Current trends and advances in information assurance metrics,” pp. 197-205, October 2004.
14. N. Kheir, N. Cuppens-Boulahia, F. Cuppens, and H. Debar, “A service dependency model for cost-sensitive intrusion response,” pp. 626-642, September 2010.
15. W. Kanoun, N. Cuppens-Boulahia, F. Cuppens, and J. Araujo, “Automated reaction based on risk analysis and attackers skills in intrusion detection systems,” pp. 117-124, October 2008.
16. P. Mell, K. Scarfone, and S. Romanosky, “A complete guide to the common vulnerability scoring system version 2.0,” 2007.
17. M. Jahnke, C. Thul, and P. Martini, “Graph-based metrics for intrusion response measures in computer networks,” pp. 1035-1042, October 2007.
18. I. Kotenko and A. Chechulin, “A cyber attack modeling and impact assessment framework,” pp. 119-142, June 2013.
19. A. P. Moore, R. J. Ellison, and R. C. Linger, “Attack modeling for information security and survivability,” Survivable Systems, Tech. Rep. Technical Note CMU/SEI-2001-TN-001, 2001.
20. N. Poolsappasit, R. Dewri, and I. Ray, “Dynamic security risk management using bayesian attack graphs,” IEEE Transactions on Dependable and Security Computing, vol. 9, no. 1, pp. 61-74, 2012.
21. I. Kotenko, E. Doynikova, and A. Chechulin, “Security metrics based on attack graphs for the Olympic Games scenario,” pp. 561-568, February 2014.
22. A. Mayer, “Operational security risk metrics: Definitions, calculations, visualizations,” Metricon 2.0, CTO RedSeal Systems, Tech. Rep., 2007.
23. “NMap reference guide,” http://nmap.org/book/man.html.
24. “ISO/IEC 27005:2008, Information technology—Security techniques—Information security risk management,” 2008.
25. P. K. Manadhata and J. M. Wing, “An attack surface metric,” IEEE Transactions on Software Engineering, vol. 37, no. 3, pp. 371-386, 2010.