Abstract : Security assessment is an important task for operation of modern computer networks. The paper suggests the security assessment technique based on attack graphs which can be implemented in contemporary SIEM systems. It is based on the security metrics taxonomy and different techniques for calculation of security metrics according to the data about current events. Proposed metrics form the basis for security awareness and reflect current security situation, including development of attacks, attacks sources and targets, attackers’ characteristics. The technique suggested is demonstrated on a case study.
https://hal.inria.fr/hal-01397255 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Tuesday, November 15, 2016 - 4:01:48 PM Last modification on : Wednesday, November 16, 2016 - 1:04:11 AM Long-term archiving on: : Thursday, March 16, 2017 - 5:06:54 PM
Igor Kotenko, Elena Doynikova. Security Assessment of Computer Networks Based on Attack Graphs and Security Events. 2nd Information and Communication Technology - EurAsia Conference (ICT-EurAsia), Apr 2014, Bali, Indonesia. pp.462-471, ⟨10.1007/978-3-642-55032-4_47⟩. ⟨hal-01397255⟩