Quantified security is a weak hypothesis: a critical survey of results and assumptions
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
Hi-index | 0.00 |
The existing network security assessment models have the problems of inadequate capacity of quantitative analysis and lacking for vulnerabilities correlation. To address these problems, a hierarchical network security evaluation model is proposed. The network is divided into vulnerability level, service level, equipment level and network level. The model uses attack graph to correlate the network vulnerabilities, and then calculates the probabilities of successfully exploiting the vulnerabilities. On this basis, the quantitative risks of each level are calculated. Since this model much more accords with the features of network structure, it is an effectively guidance for the network administrators to develop and improve the network security policies.