Skip to main content
SpringerLink
Log in

Network Security Metrics

  • Book
  • © 2017

Overview

Authors:
  1. Lingyu Wang

    1. Concordia Institute for Information Systems Engineering, Concordia University, Montreal, Canada

    View author publications

    You can also search for this author in PubMed   Google Scholar

  2. Sushil Jajodia

    1. Center for Secure Information Systems, George Mason University, Fairfax, USA

    View author publications

    You can also search for this author in PubMed   Google Scholar

  3. Anoop Singhal

    1. Computer Security Division, NIST, Gaithersburg, USA

    View author publications

    You can also search for this author in PubMed   Google Scholar

  • Reviews a range of network security models that focus on combining individual metric scores obtained from standard scoring systems, such as CVSS, into an overall measure of network security.
  • Devotes several chapters on network security metrics specifically designed with zero day attacks in mind
  • Discusses various applications of network security metrics, ranging from network attack graph analytics to performance evaluation for security operation centers.

This is a preview of subscription content, log in via an institution to check access.

Access this book

Log in via an institution
eBook USD 79.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book USD 99.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book USD 139.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Other ways to access

Licence this eBook for your library

Institutional subscriptions

Table of contents (8 chapters)

  1. Front Matter

    Pages i-xiv
    Download chapter PDF

  2. Measuring the Overall Network Security by Combining CVSS Scores Based on Attack Graphs and Bayesian Networks

    • Marcel Frigault, Lingyu Wang, Sushil Jajodia, Anoop Singhal
    Pages 1-23

  3. Refining CVSS-Based Network Security Metrics by Examining the Base Scores

    • Pengsu Cheng, Lingyu Wang, Sushil Jajodia, Anoop Singhal
    Pages 25-52

  4. Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs

    • Anoop Singhal, Xinming Ou
    Pages 53-73

  5. k-Zero Day Safety: Evaluating the Resilience of Networks Against Unknown Attacks

    • Lingyu Wang, Sushil Jajodia, Anoop Singhal, Pengsu Cheng, Steven Noel
    Pages 75-93

  6. Using Bayesian Networks to Fuse Intrusion Evidences and Detect Zero-Day Attack Paths

    • Xiaoyan Sun, Jun Dai, Peng Liu, Anoop Singhal, John Yen
    Pages 95-115

  7. Evaluating the Network Diversity of Networks Against Zero-Day Attacks

    • Mengyuan Zhang, Lingyu Wang, Sushil Jajodia, Anoop Singhal
    Pages 117-140

  8. A Suite of Metrics for Network Attack Graph Analytics

    • Steven Noel, Sushil Jajodia
    Pages 141-176

  9. A Novel Metric for Measuring Operational Effectiveness of a Cybersecurity Operations Center

    • Rajesh Ganesan, Ankit Shah, Sushil Jajodia, Hasan Cam
    Pages 177-207
Back to top

Keywords

About this book

This book examines different aspects of network security metrics and their application to enterprise networks. One of the most pertinent issues in securing mission-critical computing networks is the lack of effective security metrics which this book discusses in detail. Since “you cannot improve what you cannot measure”, a network security metric is essential to evaluating the relative effectiveness of potential network security solutions.

The authors start by examining the limitations of existing solutions and standards on security metrics, such as CVSS and attack surface, which typically focus on known vulnerabilities in individual software products or systems. The first few chapters of this book describe different approaches to fusing individual metric values obtained from CVSS scores into an overall measure of network security using attack graphs. Since CVSS scores are only available for previously known vulnerabilities, such approaches do not consider the threat of unknownattacks exploiting the so-called zero day vulnerabilities. Therefore, several chapters of this book are dedicated to develop network security metrics especially designed for dealing with zero day attacks where the challenge is that little or no prior knowledge is available about the exploited vulnerabilities, and thus most existing methodologies for designing security metrics are no longer effective.

Finally, the authors examine several issues on the application of network security metrics at the enterprise level. Specifically, a chapter presents a suite of security metrics organized along several dimensions for measuring and visualizing different aspects of the enterprise cyber security risk, and the last chapter presents a novel metric for measuring the operational effectiveness of the cyber security operations center (CSOC).

Security researchers who work on network security or security analytics related areas seeking new research topics, as well as security practitioners including network administrators and security architects who are looking for state of the art approaches to hardening their networks, will find this book helpful as a reference. Advanced-level students studying computer science and engineering will find this book useful as a secondary text.

Authors and Affiliations

  • Concordia Institute for Information Systems Engineering, Concordia University, Montreal, Canada

    Lingyu Wang

  • Center for Secure Information Systems, George Mason University, Fairfax, USA

    Sushil Jajodia

  • Computer Security Division, NIST, Gaithersburg, USA

    Anoop Singhal

Bibliographic Information

  • Book Title: Network Security Metrics

  • Authors: Lingyu Wang, Sushil Jajodia, Anoop Singhal

  • DOI: https://doi.org/10.1007/978-3-319-66505-4

  • Publisher: Springer Cham

  • eBook Packages: Computer Science, Computer Science (R0)

  • Copyright Information: Springer International Publishing AG 2017

  • Hardcover ISBN: 978-3-319-66504-7Published: 23 November 2017

  • Softcover ISBN: 978-3-319-88259-8Published: 01 September 2018

  • eBook ISBN: 978-3-319-66505-4Published: 15 November 2017

  • Edition Number: 1

  • Number of Pages: XIV, 207

  • Number of Illustrations: 47 b/w illustrations, 63 illustrations in colour

  • Topics: Systems and Data Security, Computer Communication Networks, Cryptology

Publish with us

Policies and ethics

Back to top

Search

Navigation