Security modelling and analysis of dynamic enterprise networks

Simon Enoch Yusuf, Mengmeng Ge, Jin B. Hong, Huy Kang Kim, Paul Kim, Dong Seong Kim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

16 Citations (Scopus)

Abstract

Dynamic networks can be characterised by many factors such as changes (e.g., vulnerability change, update of applications and services, topology changes). It is of vital importance to assess the security of such dynamic networks in order to improve the security of them. One way to assess the security is to use a graphical security model. However, the existing graphical security models (e.g., attack graphs and attack trees) have only considered static networks (i.e. the network does not change). It is also unclear how the existing cyber security metrics (e.g., attack cost, shortest attack path) change when the network configuration changes over time. To address this problem, we propose (i) to develop a novel graphical security model named Temporal-Hierarchical Attack Representation Model (T-HARM) to capture network changes and (ii) investigate the effect of network change on the existing cyber security metrics based on the proposed security model. We show how the existing security metrics change when the status of vulnerabilities changes.

Original languageEnglish
Title of host publicationProceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages249-256
Number of pages8
ISBN (Electronic)9781509043149
DOIs
Publication statusPublished - 2017 Mar 10
Event16th IEEE International Conference on Computer and Information Technology, CIT 2016 - Nadi, Fiji
Duration: 2016 Dec 72016 Dec 10

Other

Other16th IEEE International Conference on Computer and Information Technology, CIT 2016
CountryFiji
CityNadi
Period16/12/716/12/10

Fingerprint

Industry
Topology
Costs

Keywords

  • Attack graphs
  • Attack trees
  • Graphical security model
  • Security metrics

ASJC Scopus subject areas

  • Software
  • Computer Science Applications
  • Computer Networks and Communications
  • Information Systems
  • Safety, Risk, Reliability and Quality

Cite this

Yusuf, S. E., Ge, M., Hong, J. B., Kim, H. K., Kim, P., & Kim, D. S. (2017). Security modelling and analysis of dynamic enterprise networks. In Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016 (pp. 249-256). [7876345] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CIT.2016.88

Security modelling and analysis of dynamic enterprise networks. / Yusuf, Simon Enoch; Ge, Mengmeng; Hong, Jin B.; Kim, Huy Kang; Kim, Paul; Kim, Dong Seong.

Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016. Institute of Electrical and Electronics Engineers Inc., 2017. p. 249-256 7876345.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Yusuf, SE, Ge, M, Hong, JB, Kim, HK, Kim, P & Kim, DS 2017, Security modelling and analysis of dynamic enterprise networks. in Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016., 7876345, Institute of Electrical and Electronics Engineers Inc., pp. 249-256, 16th IEEE International Conference on Computer and Information Technology, CIT 2016, Nadi, Fiji, 16/12/7. https://doi.org/10.1109/CIT.2016.88
Yusuf SE, Ge M, Hong JB, Kim HK, Kim P, Kim DS. Security modelling and analysis of dynamic enterprise networks. In Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016. Institute of Electrical and Electronics Engineers Inc. 2017. p. 249-256. 7876345 https://doi.org/10.1109/CIT.2016.88
Yusuf, Simon Enoch ; Ge, Mengmeng ; Hong, Jin B. ; Kim, Huy Kang ; Kim, Paul ; Kim, Dong Seong. / Security modelling and analysis of dynamic enterprise networks. Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 249-256
@inproceedings{4dcb314bb33c45c7a7baeb6f33d81a46,
title = "Security modelling and analysis of dynamic enterprise networks",
abstract = "Dynamic networks can be characterised by many factors such as changes (e.g., vulnerability change, update of applications and services, topology changes). It is of vital importance to assess the security of such dynamic networks in order to improve the security of them. One way to assess the security is to use a graphical security model. However, the existing graphical security models (e.g., attack graphs and attack trees) have only considered static networks (i.e. the network does not change). It is also unclear how the existing cyber security metrics (e.g., attack cost, shortest attack path) change when the network configuration changes over time. To address this problem, we propose (i) to develop a novel graphical security model named Temporal-Hierarchical Attack Representation Model (T-HARM) to capture network changes and (ii) investigate the effect of network change on the existing cyber security metrics based on the proposed security model. We show how the existing security metrics change when the status of vulnerabilities changes.",
keywords = "Attack graphs, Attack trees, Graphical security model, Security metrics",
author = "Yusuf, {Simon Enoch} and Mengmeng Ge and Hong, {Jin B.} and Kim, {Huy Kang} and Paul Kim and Kim, {Dong Seong}",
year = "2017",
month = "3",
day = "10",
doi = "10.1109/CIT.2016.88",
language = "English",
pages = "249--256",
booktitle = "Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - Security modelling and analysis of dynamic enterprise networks

AU - Yusuf, Simon Enoch

AU - Ge, Mengmeng

AU - Hong, Jin B.

AU - Kim, Huy Kang

AU - Kim, Paul

AU - Kim, Dong Seong

PY - 2017/3/10

Y1 - 2017/3/10

N2 - Dynamic networks can be characterised by many factors such as changes (e.g., vulnerability change, update of applications and services, topology changes). It is of vital importance to assess the security of such dynamic networks in order to improve the security of them. One way to assess the security is to use a graphical security model. However, the existing graphical security models (e.g., attack graphs and attack trees) have only considered static networks (i.e. the network does not change). It is also unclear how the existing cyber security metrics (e.g., attack cost, shortest attack path) change when the network configuration changes over time. To address this problem, we propose (i) to develop a novel graphical security model named Temporal-Hierarchical Attack Representation Model (T-HARM) to capture network changes and (ii) investigate the effect of network change on the existing cyber security metrics based on the proposed security model. We show how the existing security metrics change when the status of vulnerabilities changes.

AB - Dynamic networks can be characterised by many factors such as changes (e.g., vulnerability change, update of applications and services, topology changes). It is of vital importance to assess the security of such dynamic networks in order to improve the security of them. One way to assess the security is to use a graphical security model. However, the existing graphical security models (e.g., attack graphs and attack trees) have only considered static networks (i.e. the network does not change). It is also unclear how the existing cyber security metrics (e.g., attack cost, shortest attack path) change when the network configuration changes over time. To address this problem, we propose (i) to develop a novel graphical security model named Temporal-Hierarchical Attack Representation Model (T-HARM) to capture network changes and (ii) investigate the effect of network change on the existing cyber security metrics based on the proposed security model. We show how the existing security metrics change when the status of vulnerabilities changes.

KW - Attack graphs

KW - Attack trees

KW - Graphical security model

KW - Security metrics

UR - http://www.scopus.com/inward/record.url?scp=85017346105&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85017346105&partnerID=8YFLogxK

U2 - 10.1109/CIT.2016.88

DO - 10.1109/CIT.2016.88

M3 - Conference contribution

AN - SCOPUS:85017346105

SP - 249

EP - 256

BT - Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016

PB - Institute of Electrical and Electronics Engineers Inc.

ER -