A Near Real-Time System for Security Assurance Assessment

Pham, N.; Baud, Loïc; Bellot, Patrick; Riguidel, Michel

doi:10.1109/icimp.2008.28

Cited by 13 publications

(16 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This implies two countermeasures with the reduction effect of 60% or 0.6 and 80% (0.8) will cumulatively effect the same risk with (1-(1-0.6)*(1-0.8)) =1-(0.4)*(0.2) = 0.92. In case more than one risk is associated to an entity, a suitable aggregation function that we refer to as AGF should be selected to aggregate the corresponding reductions effect on those associated risks as shown in (2). This is relevant as risks to a system or an IT component will not have the same importance.…”

Section: Figure1 Security Assurance Aggregation Processmentioning

confidence: 99%

“…Security assurance plays an important role in maintaining and improving the security level of system components and making them therefore more reliable. In that context, recent efforts [1] [2] within the field have been directed towards utilizing quantitative indicators in a more systematic and coordinated fashion to capture the security state of a particular Information Technology (IT) infrastructure. Until recently the focus was mainly on developing qualitative metrics that usually lead to security assurance levels that are either not accurate and/or not repeatable.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Risk Based Approach for Security Assurance Evaluation of IT Systems

Ouedraogo

Mouratidis

Khadraoui³

et al. 2009

2009 Seventh Annual Communication Networks and Services Research Conference

View full text Add to dashboard Cite

show abstract

Section: Figure1 Security Assurance Aggregation Processmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

A Risk Based Approach for Security Assurance Evaluation of IT Systems

Ouedraogo

Mouratidis

Khadraoui³

et al. 2009

2009 Seventh Annual Communication Networks and Services Research Conference

View full text Add to dashboard Cite

show abstract

“…A comprehensive review of past attack graph research is presented in [8]. More recent approaches include [11], [18], and [19] Figure 6. Order of Vulnerability Instance Compromise in Six Scenarios.…”

Section: Related Workmentioning

confidence: 99%

“…The MulVAL system [21] used in [18] also does not explicitly model firewalls but assumes reachability is provided. Research in [19] uses our prior NetSPA system and thus scales well, but like our prior research, modern attacks and countermeasures are not modeled. Commercial attack graph products such as RedSeal [22] and Skybox [23] model firewalls and compute reachability from firewall rules but neither product's website mentions the ability to model personal firewalls, IPSs, or client side attacks.…”

Section: Related Workmentioning

confidence: 99%

Modeling Modern Network Attacks and Countermeasures Using Attack Graphs

Ingols

Chu

Lippmann

et al. 2009

2009 Annual Computer Security Applications Conference

159

View full text Add to dashboard Cite

Abstract-By accurately measuring risk for enterprise networks, attack graphs allow network defenders to understand the most critical threats and select the most effective countermeasures. This paper describes substantial enhancements to the NetSPA attack graph system required to model additional present-day threats (zero-day exploits and client-side attacks) and countermeasures (intrusion prevention systems, proxy firewalls, personal firewalls, and host-based vulnerability scans). Point-to-point reachability algorithms and structures were extensively redesigned to support "reverse" reachability computations and personal firewalls. Host-based vulnerability scans are imported and analyzed. Analysis of an operational network with 85 hosts demonstrates that client-side attacks pose a serious threat. Experiments on larger simulated networks demonstrated that NetSPA's previous excellent scaling is maintained. Less than two minutes are required to completely analyze a four-enclave simulated network with more than 40,000 hosts protected by personal firewalls.

show abstract

“…Even if it was possible, assurance on security controls is very difficult once they have been deployed. Some researchers, such as Pham et al [22], have suggested using attack graphs and anomaly detection metrics. However, this approach lacks security effectiveness metrics.…”

Section: F Integration Of Metrics From Different Sources and Balancementioning

confidence: 99%

Towards security effectiveness measurement utilizing risk-based security assurance

Savola

Pentikäinen

Ouedraogo³

2010

2010 Information Security for South Africa

View full text Add to dashboard Cite

Abstract-Systematic and practical approaches to risk-driven operational security evidence help ensure the effectiveness and efficiency of security controls in business-critical applications and services. This paper introduces an enhanced methodology to develop security effectiveness metrics that can be used in connection with correctness assurance of security controls. This methodology is then applied to an example system: a Push E-mail service. The methodology is based on threat and vulnerability analysis, and parallel security requirement and system architecture decomposition.

show abstract

A Near Real-Time System for Security Assurance Assessment

Cited by 13 publications

References 15 publications

A Risk Based Approach for Security Assurance Evaluation of IT Systems

A Risk Based Approach for Security Assurance Evaluation of IT Systems

Modeling Modern Network Attacks and Countermeasures Using Attack Graphs

Towards security effectiveness measurement utilizing risk-based security assurance

Contact Info

Product

Resources

About