Quantitative security measurement is an essential step in managing security proactively. Such measurement can help system administrators make optimal decisions about mitigating the security risks posed by the presence of vulnerabilities. Quantifying security risks using security metrics is an important yet challenging task: metrics exist for individual vulnerabilities, but how to aggregate these metrics is still an unresolved issue. In this paper, we propose a quantitative security measurement model that measures the security level of hosts in the network by aggregating the risk levels of vulnerabilities in a meaningful manner. Further, the proposed model guides system administrators in prioritising vulnerability mitigation by evaluating the relative risk level of vulnerabilities in the network. The proposed model produces quantitative security metrics that provide rapid and consistent security measurement and hence aid automated and reasonable security management. A case study is presented to demonstrate the efficacy of the proposed model.