Security Metrics: Replacing Fear, Uncertainty, and Doubt
Security Metrics: Replacing Fear, Uncertainty, and Doubt
Risk assessment in practice: A real case study
Computer Communications
HASE '08 Proceedings of the 2008 11th IEEE High Assurance Systems Engineering Symposium
Quantified security is a weak hypothesis: a critical survey of results and assumptions
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Measuring the overall security of network configurations using attack graphs
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Ideal based cyber security technical metrics for control systems
CRITIS'07 Proceedings of the Second international conference on Critical Information Infrastructures Security
Can we measure security and how?
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
Hi-index | 0.00 |
Finding relevant metrics in information security is an important but difficult problem. In this paper, we propose to empirically investigate the relevance of different security metrics that could be derived from intrusion prevention system (IPS) alert events and computer security incident data. Based on the data provided by the University of Maryland, we show that IPS metrics are linked to security incidents, and also that different types of security incidents have different significant metrics. These results can be used for identifying possible candidates for security incident indicators, developing methods to improve incident prevention and helping organizations interpret their IPS's better in the future.