The University of Southampton
University of Southampton Institutional Repository

Dynamic Threat Assessment for Prioritising Computer Network Security

Hayat, MZ, Reeve, JS and Boutle, C (2006) Dynamic Threat Assessment for Prioritising Computer Network Security At 5th European Conference on Information Warefare and Security, Finland.

Record type: Conference or Workshop Item (Paper)

Abstract

Large corporations today consist of heterogeneous IT networks with many thousands of devices, which may use numerous physical and logical interfaces to communicate. Much effort has been applied in automating laborious, time-consuming and sometimes-repetitive security services such as patch management and event loggers for these networks. However such tasks can still take many hours and even days to successfully complete. Currently it is left to the systems administrators’ discretion to choose in which order to protect individual devices, which on larger networks can result in arbitrary security protection at best. In light of the rapidly decreasing time between vulnerabilities being discovered and maliciously exploited by malware, such an arbitrary method introduces an unacceptable level of risk to the security of those devices, which are critical to business processes. An information risk management approach needs to be adopted to ensure the protection of the network with a high likelihood; this can be achieved through the prioritisation of critical devices. In this introductory paper a generic prioritisation technique for individual devices in a network is described offering a methodical alternative to the current ambiguity of a systems administrators operations. The technique is based upon compromise path analysis, which identifies critical paths in a network from a security viewpoint and is relevant in a wide range of operations from the application of security services to analysing their results. The vulnerability period metric is introduced, as a mechanism to control the risk exposure to individual devices through prioritisation.

Microsoft Word simp_priori8a.doc - Other
Download (772kB)

More information

Published date: 2006
Additional Information: Event Dates: June 2006
Venue - Dates: 5th European Conference on Information Warefare and Security, Finland, 2006-06-01
Organisations: EEE

Identifiers

Local EPrints ID: 262277
URI: http://eprints.soton.ac.uk/id/eprint/262277
PURE UUID: 1421c370-48f7-417c-9ead-a74393ac20f6

Catalogue record

Date deposited: 05 Apr 2006
Last modified: 18 Jul 2017 08:52

Export record

Contributors

Author: MZ Hayat
Author: JS Reeve
Author: C Boutle

University divisions

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×