Dynamic Security Assessment of Computer Networks in SIEM-Systems
Author: | Elena Vladimirovna Doynikova, Igor Vitalievich Kotenko, Andrey Alexeevich Chechulin |
---|---|
Language: | English, Russian |
Publication year: | 2015 |
Source: | Безопасность информационных технологий, Vol 22, Iss 3 (2015) |
Document type: | article |
ISSN: | 2074-7128 2074-7136 |
Description: | The paper suggests an approach to the security assessment of computer networks. The approach is based on attack graphs and is intended for Security Information and Events Management systems (SIEM-systems). The key feature of the approach is the application of a multilevel security metrics taxonomy. The taxonomy allows definition of the system profile according to the input data used for the metrics calculation and the techniques of security metrics calculation. This allows specification of the security assessment in near real time, identification of previous and future attacker steps, and identification of attackers' goals and characteristics. A security assessment system prototype is implemented for the suggested approach. Analysis of its operation is conducted for several attack scenarios. |
Database: | Directory of Open Access Journals |