TC:Small:Collaborative Research:Models and Techniques for Enterprise Network Security Metrics

TC：小型：协作研究：企业网络安全指标的模型和技术

• 批准号: 1018703
• 负责人: Xinming Ou
• 金额: $ 39.67万
• 依托单位: Kansas State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2010
• 资助国家: 美国
• 起止时间: 2010-10-01 至 2014-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1018703&HistoricalAwards=false
• 关键词: TC; Small; Collaborative; Research; Models

This research investigates efficient and effective quantitative risk analytics methods for enterprise network security. The research uses attack graphs, a widely used and well-tested technique for enterprise network security analysis, as the foundation to build a metric model. It aims to produce a theoretically sound model with extensive empirical evaluation on continuous fresh data from production networks. The soundness ensures that the computed metrics have a clear meaning, which is useful since inputs to such metric models are inevitably imprecise probability estimates, but one still needs the computed metrics to be meaningful within a known error bound so that they can be further applied to estimate expected loss from possible cyber breaches. The research investigates methods that can calculate such metrics both efficiently, and with controlled accuracy. The metric model will be evaluated on continuous fresh data produced from the PI's departmental network at Kansas State University, as well as other available data sources.This research will provide technology and tools for organizations to dramatically improve the efficiency in security administration of their enterprise networks. The metric models developed from the research will facilitate knowledge sharing among stake holders in cyber security, leading to standardized technologies that benefit our society. The PI's intend to widely disseminate the research result to security practitioners in the field, through tutorials and workshops. The researchers will collaborate with Idaho National Laboratory to apply the metric models to critical infrastructure protection. The research/education activities also outreach to a larger community, including women and other under-represented groups in science and engineering, through the various programs already established at Kansas State University.For further information see the project web site at the URL:http://people.cis.ksu.edu/~xou/securitymetrics/

本研究探讨了企业网络安全的高效和有效的定量风险分析方法。该研究使用攻击图，一个广泛使用的和久经考验的技术，企业网络安全分析，作为基础，建立一个度量模型。它的目的是产生一个理论上合理的模型，并对来自生产网络的连续新鲜数据进行广泛的实证评估。可靠性确保了计算的度量具有明确的含义，这是有用的，因为对这种度量模型的输入不可避免地是不精确的概率估计，但是仍然需要计算的度量在已知的误差范围内是有意义的，使得它们可以进一步应用于估计来自可能的网络漏洞的预期损失。该研究调查了可以有效地计算这些指标的方法，并具有受控的准确性。该度量模型将在堪萨斯州立大学PI部门网络以及其他可用数据源产生的连续新鲜数据上进行评估。从研究中开发的度量模型将促进网络安全利益相关者之间的知识共享，从而实现有利于我们社会的标准化技术。PI打算通过教程和研讨会将研究结果广泛传播给该领域的安全从业人员。研究人员将与爱达荷州国家实验室合作，将指标模型应用于关键基础设施保护。通过堪萨斯州立大学已经建立的各种项目，研究/教育活动还延伸到更大的社区，包括妇女和其他在科学和工程领域代表性不足的群体。欲了解更多信息，请访问项目网站：http://people.cis.ksu.edu/~xou/securitymetrics/