EconPapers    
Economics at your fingertips  
 

Comparative analysis and patch optimization using the cyber security analytics framework

Subil Abraham and Suku Nair

The Journal of Defense Modeling and Simulation, 2018, vol. 15, issue 2, 161-180

Abstract: Dependable metrics are one of the critical elements of an organization’s information security program and are crucial for its long-term success. Current research in the area of enterprise security metrics provides limited insight on understanding the impact that attacks have on the overall security goals of an enterprise as well as predicting the future security state of the network. In this paper we present a novel security analytics framework that takes into account both the inter-relationship between different vulnerabilities and the temporal features that evolve over time, such as the vulnerability discovery rate and the lifecycle events. We then formally define a non-homogenous stochastic model that incorporates time dependent covariates, namely the vulnerability age and the vulnerability discovery rate, to help visualize the future security state of the network leading to actionable knowledge and insight. We will perform a comparative analysis and also describe the patch optimization methodology by applying this model on a sample network to demonstrate the practicality of our approach.

Keywords: Attack graph; Common Vulnerability Scoring System; Markov model; security metrics; cyber situational awareness; vulnerability discovery model; vulnerability lifecycle model (search for similar items in EconPapers)
Date: 2018
References: View complete reference list from CitEc
Citations:

Downloads: (external link)
https://journals.sagepub.com/doi/10.1177/1548512917705743 (text/html)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:sae:joudef:v:15:y:2018:i:2:p:161-180

DOI: 10.1177/1548512917705743

Access Statistics for this article

More articles in The Journal of Defense Modeling and Simulation
Bibliographic data for series maintained by SAGE Publications ().

 
Page updated 2025-03-19
Handle: RePEc:sae:joudef:v:15:y:2018:i:2:p:161-180