CVSS-based Probabilistic Risk Assessment for Cyber Situational Awareness and Countermeasure Selection

被引:27
作者
Doynikova, Elena [1 ]
Kotenko, Igor [1 ]
机构
[1] Russian Acad Sci SPIIRAS, Lab Comp Secur Problems, St Petersburg Inst Informat & Automat, St Petersburg, Russia
来源
2017 25TH EUROMICRO INTERNATIONAL CONFERENCE ON PARALLEL, DISTRIBUTED AND NETWORK-BASED PROCESSING (PDP 2017) | 2017年
基金
俄罗斯科学基金会;
关键词
risk assessment; CVSS; security events; security metrics; attack graphs; SIEM;
D O I
10.1109/PDP.2017.44
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
The paper suggests several techniques for computer network risk assessment based on Common Vulnerability Scoring System (CVSS) and attack modeling. Techniques use a set of integrated security metrics and consider input data from security information and event management (SIEM) systems. Risk assessment techniques differ according to the used input data. They allow to get risk assessment considering requirements to the accuracy and efficiency. Input data includes network characteristics, attacks, attacker characteristics, security events and countermeasures. The tool that implements these techniques is presented. Experiments demonstrate operation of the techniques for different security situations.
引用
收藏
页码:346 / 353
页数:8
相关论文
共 14 条
[1]  
[Anonymous], 2007, 1 FORUM INCIDENT RES
[2]  
[Anonymous], 2011, 270052011 ISO IEC
[3]  
[Anonymous], 2011, 270352011 ISO IEC
[4]  
CREMONINI M, 2005, 4 WORKSH EC INF SEC
[5]  
Frigault M., 2008, 2008 ACM WORKSH QUAL
[6]  
Ketenko I., 2013, IEEE 7 INT C INT DAT, P646
[7]  
Kheir N, 2010, LECT NOTES COMPUT SC, V6345, P626, DOI 10.1007/978-3-642-15497-3_38
[8]  
Kotenko I, 2015, INT WORKSH INT DATA, P436, DOI 10.1109/IDAACS.2015.7340774
[9]  
Kotenko I, 2014, LECT NOTES COMPUT SC, V8407, P462, DOI 10.1007/978-3-642-55032-4_47
[10]   An Attack Surface Metric [J].
Manadhata, Pratyusa K. ;
Wing, Jeannette M. .
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2011, 37 (03) :371-386
12