| Title | Automated Security Investment Analysis of Dynamic Networks |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Enoch, Simon Yusuf, Hong, Jin B., Ge, Mengmeng, Alzaid, Hani, Kim, Dong Seong |
| Conference Name | Proceedings of the Australasian Computer Science Week Multiconference |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-5436-3 |
| Keywords | Attack Graphs, attack trees, composability, Metrics, pubcrawl, resilience, Resiliency, security analysis, security economics, security metrics |
| Abstract | It is important to assess the cost benefits of IT security investments. Typically, this is done by manual risk assessment process. In this paper, we propose an approach to automate this using graphical security models (GSMs). GSMs have been used to assess the security of networked systems using various security metrics. Most of the existing GSMs assumed that networks are static, however, modern networks (e.g., Cloud and Software Defined Networking) are dynamic with changes. Thus, it is important to develop an approach that takes into account the dynamic aspects of networks. To this end, we automate security investments analysis of dynamic networks using a GSM named Temporal-Hierarchical Attack Representation Model (T-HARM) in order to automatically evaluate the security investments and their effectiveness for a given period of time. We demonstrate our approach via simulations. |
| DOI | 10.1145/3167918.3167964 |
| Citation Key | enoch_automated_2018 |
Automated Security Investment Analysis of Dynamic Networks