Cyber Risk Assessment of Networked Cyber Assets using Probabilistic Model Checking

摘要

Attack path analysis to assess the path from the external facing entities to the inner hosts and network elements is a much researched problem. However, to compute a summary risk value per device, based on vulnerabilities discovered on a daily basis, is a much demanded capability in the arsenal of any security administrator of an enterprise network. Further, higher management such as CISOs have to be convinced with numerical risk comparisons to allow the down time required to patch the systems as opposed to defer it till a much later date during a scheduled shutdown. It must be noted that each security administrator's problem is different due to the difference in the structure and composition of the network they administer. Therefore, no industry data source can help in getting these numbers, as the risk numbers are specific to each network and its components. In this paper, we present a methodology based in probabilistic model checking to compute these risk scores for each device in an enterprise network.