|
This research investigates efficient and effective quantitative risk analytics methods for enterprise network security. The research uses attack graphs, a widely used and well-tested technique for enterprise network security analysis, as the foundation to build a metric model. It aims to produce a theoretically sound model with extensive empirical evaluation on continuous fresh data from production networks. The soundness ensures that the computed metrics have a clear meaning, which is useful since inputs to such metric models are inevitably imprecise probability estimates, but one still needs the computed metrics to be meaningful within a known error bound so that they can be further applied to estimate expected loss from possible cyber breaches. The research investigates methods that can calculate such metrics both efficiently, and with controlled accuracy. The metric model will be evaluated on continuous fresh data produced from the PI's departmental network at Kansas State University, as well as other available data sources.
This research will provide technology and tools for organizations to dramatically improve the efficiency in security administration of their enterprise networks. The metric models developed from the research will facilitate knowledge sharing among stake holders in cyber security, leading to standardized technologies that benefit our society. The PI's intend to widely disseminate the research result to security practitioners in the field, through tutorials and workshops. The researchers will collaborate with Idaho National Laboratory to apply the metric models to critical infrastructure protection. The research/education activities also outreach to a larger community, including women and other under-represented groups in science and engineering, through the various programs already established at Kansas State University.
|
TC: Small: Collaborative Research:Models and Techniques for Enterprise Network Security Metrics