Comparative analysis and patch optimization using the cyber security analytics framework. (April 2018)
- Record Type:
- Journal Article
- Title:
- Comparative analysis and patch optimization using the cyber security analytics framework. (April 2018)
- Main Title:
- Comparative analysis and patch optimization using the cyber security analytics framework
- Authors:
- Abraham, Subil
Nair, Suku - Other Names:
- Kott Alexander guest-editor.
- Abstract:
- Dependable metrics are one of the critical elements of an organization's information security program and are crucial for its long-term success. Current research in the area of enterprise security metrics provides limited insight on understanding the impact that attacks have on the overall security goals of an enterprise as well as predicting the future security state of the network. In this paper we present a novel security analytics framework that takes into account both the inter-relationship between different vulnerabilities and the temporal features that evolve over time, such as the vulnerability discovery rate and the lifecycle events. We then formally define a non-homogenous stochastic model that incorporates time dependent covariates, namely the vulnerability age and the vulnerability discovery rate, to help visualize the future security state of the network leading to actionable knowledge and insight. We will perform a comparative analysis and also describe the patch optimization methodology by applying this model on a sample network to demonstrate the practicality of our approach.
- Is Part Of:
- Journal of defense modeling and simulation. Volume 15:Number 2(2018:Apr.)
- Journal:
- Journal of defense modeling and simulation
- Issue:
- Volume 15:Number 2(2018:Apr.)
- Issue Display:
- Volume 15, Issue 2 (2018)
- Year:
- 2018
- Volume:
- 15
- Issue:
- 2
- Issue Sort Value:
- 2018-0015-0002-0000
- Page Start:
- 161
- Page End:
- 180
- Publication Date:
- 2018-04
- Subjects:
- Attack graph -- Common Vulnerability Scoring System -- Markov model -- security metrics -- cyber situational awareness -- vulnerability discovery model -- vulnerability lifecycle model
Military art and science -- Computer simulation -- Periodicals
355.0011305 - Journal URLs:
- http://dms.sagepub.com/ ↗
http://www.uk.sagepub.com ↗ - DOI:
- 10.1177/1548512917705743 ↗
- Languages:
- English
- ISSNs:
- 1548-5129
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 8028.xml