Quantitative Security Risk Assessment of Enterprise Networks

Protection of enterprise networks from malicious intrusions is critical to the economy and security of our nation. This article gives an overview of the techniques and challenges for security risk analysis of enterprise networks. A standard model for security analysis will enable us to answer questi...

Full description

Bibliographic Details
Main Authors: Ou, Xinming, Singhal, Anoop (Author)
Format: eBook
Language:English
Published: New York, NY Springer New York 2011, 2011
Edition:1st ed. 2011
Series:SpringerBriefs in Computer Science
Subjects:
Online Access:
Collection: Springer eBooks 2005- - Collection details see MPG.ReNa
LEADER 02145nmm a2200361 u 4500
001 EB000364011
003 EBX01000000000000000217063
005 00000000000000.0
007 cr|||||||||||||||||||||
008 130626 ||| eng
020 |a 9781461418603 
100 1 |a Ou, Xinming 
245 0 0 |a Quantitative Security Risk Assessment of Enterprise Networks  |h Elektronische Ressource  |c by Xinming Ou, Anoop Singhal 
250 |a 1st ed. 2011 
260 |a New York, NY  |b Springer New York  |c 2011, 2011 
300 |a XIII, 28 p  |b online resource 
505 0 |a The Need for Quantifying Security -- Attack Graph Techniques -- The Common Vulnerability Scoring System (CVSS) -- Security Risk Analysis of Enterprise Networks Using Attack Graphs -- Conclusion 
653 |a Computer Communication Networks 
653 |a Electronic digital computers / Evaluation 
653 |a System Performance and Evaluation 
653 |a Hardware Performance and Reliability 
653 |a Computers 
653 |a Computer networks  
653 |a Data protection 
653 |a Data and Information Security 
700 1 |a Singhal, Anoop  |e [author] 
041 0 7 |a eng  |2 ISO 639-2 
989 |b Springer  |a Springer eBooks 2005- 
490 0 |a SpringerBriefs in Computer Science 
028 5 0 |a 10.1007/978-1-4614-1860-3 
856 4 0 |u https://doi.org/10.1007/978-1-4614-1860-3?nosfx=y  |x Verlag  |3 Volltext 
082 0 |a 005.8 
520 |a Protection of enterprise networks from malicious intrusions is critical to the economy and security of our nation. This article gives an overview of the techniques and challenges for security risk analysis of enterprise networks. A standard model for security analysis will enable us to answer questions such as “are we more secure than yesterday” or “how does the security of one network configuration compare with another one”. In this article, we will present a methodology for quantitative security risk analysis that is based on the model of attack graphs and the Common Vulnerability Scoring System (CVSS). Our techniques analyze all attack paths through a network, for an attacker to reach certain goal(s)