Visible to the public Estimating Target Distribution in security assessment models

Submitted by grigby1 on Wed, 09/12/2018 - 10:13am
TitleEstimating Target Distribution in security assessment models
Publication TypeConference Paper
Year of Publication2017
AuthorsWeintraub, E.
Conference Name2017 IEEE 2nd International Verification and Security Workshop (IVSW)
PublisherIEEE
ISBN Number978-1-5386-1708-3
Keywordsbusiness data processing, Computational modeling, Computers, cyber-attacks, Damage Assessment, Databases, distributed computing, distributed processing, Information security, Monitoring, network security assessment models, Organizations, pubcrawl, real-time system configuration, Real-time Systems, resilience, Resiliency, security, security assessment, security monitoring system, security of data, Standards organizations, target distribution, Vulnerability
Abstract

Organizations are exposed to various cyber-attacks. When a component is exploited, the overall computed damage is impacted by the number of components the network includes. This work is focuses on estimating the Target Distribution characteristic of an attacked network. According existing security assessment models, Target Distribution is assessed by using ordinal values based on users' intuitive knowledge. This work is aimed at defining a formula which enables measuring quantitatively the attacked components' distribution. The proposed formula is based on the real-time configuration of the system. Using the proposed measure, firms can quantify damages, allocate appropriate budgets to actual real risks and build their configuration while taking in consideration the risks impacted by components' distribution. The formula is demonstrated as part of a security continuous monitoring system.
URLhttps://ieeexplore.ieee.org/document/8031549/
DOI10.1109/IVSW.2017.8031549
Citation Keyweintraub_estimating_2017
Groups: