Automated security investment analysis of dynamic networks

Simon Enoch Yusuf, Jin Bum Hong, Mengmeng Ge, Hani Alzaid, Dong Seong Kim

Research output: Chapter in Book/Conference paperConference paper

3 Citations (Scopus)

Abstract

It is important to assess the cost benefits of IT security investments. Typically, this is done by manual risk assessment process. In this paper, we propose an approach to automate this using graphical security models (GSMs). GSMs have been used to assess the security of networked systems using various security metrics. Most of the existing GSMs assumed that networks are static, however, modern networks (e.g., Cloud and Software Defined Networking) are dynamic with changes. Thus, it is important to develop an approach that takes into account the dynamic aspects of networks. To this end, we automate security investments analysis of dynamic networks using a GSM named Temporal-Hierarchical Attack Representation Model (T-HARM) in order to automatically evaluate the security investments and their effectiveness for a given period of time. We demonstrate our approach via simulations.
Original languageEnglish
Title of host publicationACSW '18 Proceedings of the Australasian Computer Science Week Multiconference
Place of PublicationUnited States
PublisherAssociation for Computing Machinery (ACM)
Number of pages10
ISBN (Print)9781450354363
DOIs
Publication statusPublished - 2018
Externally publishedYes
Event2018 Australasian Computer Science Week Multiconference - Brisbane, Australia
Duration: 29 Jan 20182 Feb 2018

Conference

Conference2018 Australasian Computer Science Week Multiconference
Abbreviated titleACSW '18
CountryAustralia
CityBrisbane
Period29/01/182/02/18

Fingerprint Dive into the research topics of 'Automated security investment analysis of dynamic networks'. Together they form a unique fingerprint.

Cite this