Estimating Mean Time to Compromise Using Non-homogenous Continuous-Time Markov Models

Author: Subil Mathew Abraham

DOI: 10.1109/COMPSAC.2016.11

Abstract: Mean time to compromise is a commonly used comparative metric to determine a system's weakness and aid in risk mitigation strategies. In this paper, we provide a unified framework for measuring a network's mean time to compromise by considering both the skill level of an attacker as well as the causal relationship that exists between all the vulnerabilities in the network. Unlike existing approaches, we provide a methodology for estimating the skill level coefficient for different categories of attackers (Beginner, Intermediate, Expert) by analyzing 15 years of vulnerability data from the NVD database. We then extend our predictive cybersecurity stochastic model into a nonhomogeneous continuous-time Markov model to derive the overall mean time to compromise by modeling the sojourn time of each state as a random variable based on the skill level of the attacker. Finally, we demonstrate through a case study how our model can enable security practitioners to visualize the future and optimize the necessary steps to harden the enterprise network from external threats.
