k-zero day safety: measuring the security risk of networks against unknown attacks

Authors:
Lingyu Wang;Sushil Jajodia;Anoop Singhal;Steven Noel
Affiliations:
Concordia Institute for Information Systems Engineering, Concordia University;Center for Secure Information Systems, George Mason University;Computer Security Division, National Institute of Standards and Technology;Center for Secure Information Systems, George Mason University
Venue:
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Year:
2010

Citing 16
Cited 0

Authentication metric analysis and design

ACM Transactions on Information and System Security (TISSEC)
Practical byzantine fault tolerance and proactive recovery

ACM Transactions on Computer Systems (TOCS)
Scalable, graph-based network vulnerability analysis

Proceedings of the 9th ACM conference on Computer and communications security
Protecting Respondents' Identities in Microdata Release

IEEE Transactions on Knowledge and Data Engineering
Automated Generation and Analysis of Attack Graphs

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Information-Theoretic Measures for Anomaly Detection

SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Quality of protection: measuring the unmeasurable?

Proceedings of the 2nd ACM workshop on Quality of protection
A weakest-adversary security metric for network configuration security analysis

Proceedings of the 2nd ACM workshop on Quality of protection
Common Vulnerability Scoring System

IEEE Security and Privacy
Security Metrics: Replacing Fear, Uncertainty, and Doubt

Security Metrics: Replacing Fear, Uncertainty, and Doubt
Minimum-cost network hardening using attack graphs

Computer Communications
Estimating a System's Mean Time-to-Compromise

IEEE Security and Privacy
An Attack Graph-Based Probabilistic Security Metric

Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Measuring network security using dynamic bayesian network

Proceedings of the 4th ACM workshop on Quality of protection
Empirical Estimates and Observations of 0Day Vulnerabilities

HICSS '09 Proceedings of the 42nd Hawaii International Conference on System Sciences
Modeling Modern Network Attacks and Countermeasures Using Attack Graphs

ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference

Quantified Score

Hi-index	0.00

Visualization

Abstract

The security risk of a network against unknown zero day attacks has been considered as something unmeasurable since software flaws are less predictable than hardware faults and the process of finding such flaws and developing exploits seems to be chaotic [10]. In this paper, we propose a novel security metric, k-zero day safety, based on the number of unknown zero day vulnerabilities. That is, the metric simply counts how many unknown vulnerabilities would be required for compromising a network asset, regardless of what vulnerabilities those might be. We formally define the metric based on an abstract model of networks and attacks. We then devise algorithms for computing the metric. Finally, we show the metric can quantify many existing practices in hardening a network.