Visible to the public Automated Security Investment Analysis of Dynamic Networks

TitleAutomated Security Investment Analysis of Dynamic Networks
Publication TypeConference Paper
Year of Publication2018
AuthorsEnoch, Simon Yusuf, Hong, Jin B., Ge, Mengmeng, Alzaid, Hani, Kim, Dong Seong
Conference NameProceedings of the Australasian Computer Science Week Multiconference
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-5436-3
KeywordsAttack Graphs, attack trees, composability, Metrics, pubcrawl, resilience, Resiliency, security analysis, security economics, security metrics
AbstractIt is important to assess the cost benefits of IT security investments. Typically, this is done by manual risk assessment process. In this paper, we propose an approach to automate this using graphical security models (GSMs). GSMs have been used to assess the security of networked systems using various security metrics. Most of the existing GSMs assumed that networks are static, however, modern networks (e.g., Cloud and Software Defined Networking) are dynamic with changes. Thus, it is important to develop an approach that takes into account the dynamic aspects of networks. To this end, we automate security investments analysis of dynamic networks using a GSM named Temporal-Hierarchical Attack Representation Model (T-HARM) in order to automatically evaluate the security investments and their effectiveness for a given period of time. We demonstrate our approach via simulations.
Citation Keyenoch_automated_2018