Journal: Computers & Security

Quantifiable & comparable evaluations of cyber defensive capabilities: A survey & novel, unified approach


Abstract

Metrics and frameworks to quantifiably assess security measures have arisen from needs of three distinct research communities: statistical measures from the intrusion detection and prevention literature, evaluation of cyber exercises, e.g., red-team and capture-the-flag competitions, and economic analyses addressing cost-versus-security tradeoffs. In this paper we provide two primary contributions to the security evaluation literature: a representative survey, and a novel framework for evaluating security that is flexible, applicable to all three use cases, and readily interpretable. In our survey of the literature we identify the distinct themes from each community's evaluation procedures side by side and flesh out the drawbacks and benefits of each. The evaluation framework we propose includes comprehensively modeling the resource, labor, and attack costs in dollars incurred based on expected resource usage, accuracy metrics, and time. This framework provides a unified approach in that it incorporates the accuracy and performance metrics, which dominate intrusion detection evaluation, the time to detection and impact to data and resources of an attack, favored by educational competitions' metrics, and the monetary cost of many essential security components used in financial analysis. Moreover, it is flexible enough to accommodate each use case, easily interpretable and comparable, and comprehensive in terms of costs considered. Finally, we provide two examples of the framework applied to real-world use cases. Overall, we provide a survey and a grounded, flexible framework with multiple concrete examples for evaluating security which can address the needs of three currently distinct communities.
