37th Annual IEEE Conference on Local Computer Networks (2012)
Clearwater Beach, FL, USA USA
Oct. 22, 2012 to Oct. 25, 2012
Moazzam Khan , School of Electrical and Computer Engineering, Georgia Institute of Technology, Atlanta, USA
Mohammad Omer , School of Electrical and Computer Engineering, Georgia Institute of Technology, Atlanta, USA
John Copeland , School of Electrical and Computer Engineering, Georgia Institute of Technology, Atlanta, USA
A network has several attributes which play a role in determining the security of the network and its robustness to external threats. These attributes are related to security through a complex nonlinear function which is generally unknown to the network management personnel. Since the network security is an explicit function of these attributes, the managers do not realize when the value of a certain attribute has become critical to the point of threatening network security. In this paper we take a theoretically rigorous approach to quantifying the effect each of the individual attributes has on the network. By using ideas from probability and decision theory, we can order the significant factors determining network security. This is similar to dimensionality reduction which is commonly employed for model based identification methods. Based on our analysis we can come up with critical coefficients which must be maintained by the administrator if the network is to remain secure to external threats. We show how the mathematical framework leads to the prediction of network's security health, and how real world data can be used to substantiate these claims. Paper concludes by validating our results on a list of compromised machine and determining if our identified metrics played the significant role in the infection.
Security, Measurement, Operating systems, Probability density function, Decision theory, Educational institutions, pdf (probability density function), security metric, botnet, traffic characterization, decision theory
M. Khan, M. Omer and J. Copeland, "Decision centric identification and rank ordering of security metrics," 37th Annual IEEE Conference on Local Computer Networks(LCN), Clearwater Beach, FL, USA USA, 2012, pp. 208-211.