Titlebook: Network Security Metrics; Lingyu Wang,Sushil Jajodia,Anoop Singhal Book 2017 Springer International Publishing AG 2017 Network security.Se

Lice692

verdict

范例

Using Bayesian Networks to Fuse Intrusion Evidences and Detect Zero-Day Attack Paths,nce-graph-based Bayesian network is able to incorporate the collected intrusion evidence and infer the probabilities of object instances being infected. By connecting the instances with high probabilities, ZePro is able to generate the zero-day attack paths. This chapter evaluated the effectiveness of ZePro for zero-day attack path identification.

Proclaim

核心

Measuring the Overall Network Security by Combining CVSS Scores Based on Attack Graphs and Bayesianed. This chapter examines several approaches to combining the CVSS scores of individual vulnerabilities into an overall measure for network security. First, we convert CVSS base scores into probabilities and then propagate such probabilities along attack paths in an attack graph in order to obtain a

遍及

Refining CVSS-Based Network Security Metrics by Examining the Base Scores,rabilities provides a measurement of the overall security of networks with respect to potential attacks. However, most existing approaches to combining such scores, either based on attack graphs or Bayesian networks, share two limitations. First, a dependency relationship between vulnerabilities wil

defray

Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs,ll security of an enterprise network cannot be determined by simply counting the number of vulnerabilities. To more accurately assess the security of enterprise systems, one must understand how vulnerabilities can be combined and exploited to stage an attack. Composition of vulnerabilities can be mo

Finasteride

,-Zero Day Safety: Evaluating the Resilience of Networks Against Unknown Attacks,antifiable evidences to assist security practitioners in securing computer networks. However, the security risk of unknown vulnerabilities is usually considered as something unmeasurable due to the less predictable nature of software flaws. This leads to a challenge for security metrics, because a m

Archipelago

Using Bayesian Networks to Fuse Intrusion Evidences and Detect Zero-Day Attack Paths,k security defense. A multi-step attack involving one or more zero-day exploits forms a zero-day attack path. This chapter describes a prototype system called ZePro, which takes a probabilistic approach for zero-day attack path identification. ZePro first constructs a network-wide system object inst

有法律效應(yīng)

Evaluating the Network Diversity of Networks Against Zero-Day Attacks,nd network routing. However, most existing efforts rely on intuitive and imprecise notions of diversity, and the few existing models of diversity are mostly designed for a single system running diverse software replicas or variants. At a higher abstraction level, as a global property of the entire n