Comparative analysis and patch optimization using the cyber security analytics framework
Subil Abraham and
Suku Nair
The Journal of Defense Modeling and Simulation, 2018, vol. 15, issue 2, 161-180
Abstract:
Dependable metrics are one of the critical elements of an organization’s information security program and are crucial for its long-term success. Current research in the area of enterprise security metrics provides limited insight on understanding the impact that attacks have on the overall security goals of an enterprise as well as predicting the future security state of the network. In this paper we present a novel security analytics framework that takes into account both the inter-relationship between different vulnerabilities and the temporal features that evolve over time, such as the vulnerability discovery rate and the lifecycle events. We then formally define a non-homogenous stochastic model that incorporates time dependent covariates, namely the vulnerability age and the vulnerability discovery rate, to help visualize the future security state of the network leading to actionable knowledge and insight. We will perform a comparative analysis and also describe the patch optimization methodology by applying this model on a sample network to demonstrate the practicality of our approach.
Keywords: Attack graph; Common Vulnerability Scoring System; Markov model; security metrics; cyber situational awareness; vulnerability discovery model; vulnerability lifecycle model (search for similar items in EconPapers)
Date: 2018
References: View complete reference list from CitEc
Citations:
Downloads: (external link)
https://journals.sagepub.com/doi/10.1177/1548512917705743 (text/html)
Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.
Export reference: BibTeX
RIS (EndNote, ProCite, RefMan)
HTML/Text
Persistent link: https://EconPapers.repec.org/RePEc:sae:joudef:v:15:y:2018:i:2:p:161-180
DOI: 10.1177/1548512917705743
Access Statistics for this article
More articles in The Journal of Defense Modeling and Simulation
Bibliographic data for series maintained by SAGE Publications ().