Refining CVSS-Based Network Security Metrics by Examining the Base Scores

2017 ◽  
pp. 25-52 ◽  
Author(s):  
Pengsu Cheng ◽  
Lingyu Wang ◽  
Sushil Jajodia ◽  
Anoop Singhal
Keyword(s):  
Network Security ◽  
Security Metrics

Routing Based on Security

2014 ◽  
pp. 365-380
Author(s):  
I. A. Almerhag
Keyword(s):  
Network Security ◽  
Standard Method ◽  
Blocking Probability ◽  
Computational Effort ◽  
Routing Algorithms ◽  
Measure Data ◽  
Security Metrics ◽  
Essential Requirement ◽  
Blocking Probabilities ◽  
Common Technique

Even though it is an essential requirement of any computer system, there is not yet a standard method to measure data security, especially when sending information over a network. However, the most common technique used to achieve the three goals of security is encryption. Three security metrics are derived from important issues of network security in this chapter. Each metric demonstrates the level of achievement in preserving one of the security goals. Routing algorithms based on these metrics are implemented to test the proposed solution. Computational effort and blocking probability are used to assess the behavior and the performance of these routing algorithms. Results show that the algorithms are able to find feasible paths between communicating parties and make reasonable savings in the computational effort needed to find an acceptable path. Consequently, higher blocking probabilities are encountered, which is the price to be paid for such savings.

Aggregating CVSS Base Scores for Semantics-Rich Network Security Metrics

2012 ◽  
Author(s):  
Pengsu Cheng ◽  
Lingyu Wang ◽  
Sushil Jajodia ◽  
Anoop Singhal
Keyword(s):  
Network Security ◽  
Security Metrics

scholarly journals Security Metric Methods for Network Multistep Attacks Using AMC and Big Data Correlation Analysis

2018 ◽  
Vol 2018 ◽  
pp. 1-14 ◽  
Author(s):  
Hao Hu ◽  
Yuling Liu ◽  
Hongqi Zhang ◽  
Yuchen Zhang
Keyword(s):  
Big Data ◽  
Network Security ◽  
Correlation Analysis ◽  
Transition Probability ◽  
Success Probability ◽  
Transition Probability Matrix ◽  
Data Correlation ◽  
Security Metrics ◽  
Proposed Model ◽  
Attack Scenario

Network security metrics allow quantitatively evaluating the overall resilience of networked systems against attacks. From this aim, security metrics are of great importance to the security-related decision-making process of enterprises. In this paper, we employ absorbing Markov chain (AMC) to estimate the network security combining with the technique of big data correlation analysis. Specifically, we construct the model of AMC using a large amount of alert data to describe the scenario of multistep attacks in the real world. In addition, we implement big data correlation analysis to generate the transition probability matrix from alert stream, which defines the probabilities of transferring from one attack action to another according to a given scenario before reaching one of some attack targets. Based on the probability reasoning, two metric algorithms are designed to estimate the attack scenario as well as the attackers, namely, the expected number of visits (ENV) and the expected success probability (ESP). The superiority is that the proposed model and algorithms assist the administrator in building new scenarios, prioritizing alerts, and ranking them.

Sign in / Sign up

Export Citation Format

Share Document