VEA-bility Security Metric: A Network Security Analysis Tool

A
ARES
2008
2008 Third International Conference on Availability, Reliability and Security
Abstract - VEA-bility Security Metric: A Network Security Analysis Tool

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Melanie Tupper Articles by A. Nur Zincir-Heywood

2008 Third International Conference on Availability, Reliability and Security

March 04-March 07

ISBN: 978-0-7695-3102-1

	ASCII Text	x
	Melanie Tupper, A. Nur Zincir-Heywood, "VEA-bility Security Metric: A Network Security Analysis Tool," Availability, Reliability and Security, International Conference on, pp. 950-957, 2008 Third International Conference on Availability, Reliability and Security, 2008.

	BibTex	x
	@article{ 10.1109/ARES.2008.138, author = {Melanie Tupper and A. Nur Zincir-Heywood}, title = {VEA-bility Security Metric: A Network Security Analysis Tool}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2008}, isbn = {978-0-7695-3102-1}, pages = {950-957}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2008.138}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - VEA-bility Security Metric: A Network Security Analysis Tool SN - 978-0-7695-3102-1 SP950 EP957 A1 - Melanie Tupper, A1 - A. Nur Zincir-Heywood, PY - 2008 KW - network security KW - security metric KW - attack graphs KW - quantitative measure KW - exploit KW - Vulnerability KW - Exploitability KW - Attackability VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

Melanie Tupper

A. Nur Zincir-Heywood

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2008.138

In this work, we propose a novel quantitative security metric, VEA-bility, which measures the desirability of different network configurations. An administrator can then use the VEA-bility scores of different configurations to configure a secure network. Based on our findings, we conclude that the VEA-bility can be used to accurately estimate the comparative desirability of a specific network configuration. This information can then be used to explore alternate possible configurations and allows an administrator to select one among the given options. These tools are important to network administrators as they strive to provide secure, yet functional, network configurations.

Index Terms:

network security, security metric, attack graphs, quantitative measure, exploit, Vulnerability, Exploitability, Attackability

Citation:

Melanie Tupper, A. Nur Zincir-Heywood, "VEA-bility Security Metric: A Network Security Analysis Tool," ares, pp.950-957, 2008 Third International Conference on Availability, Reliability and Security, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.