Quantitative Security Risk Assessment of Enterprise Networks [recurso electrónico] / by Xinming Ou, Anoop Singhal.
Tipo de material: TextoSeries SpringerBriefs in Computer ScienceEditor: New York, NY : Springer New York, 2011Descripción: XIII, 28p. online resourceTipo de contenido: text Tipo de medio: computer Tipo de portador: online resourceISBN: 9781461418603Tema(s): Computer science | Operating systems (Computers) | Computer Communication Networks | Computer system performance | Data protection | Computer Science | Systems and Data Security | Computer Communication Networks | Performance and Reliability | System Performance and EvaluationFormatos físicos adicionales: Printed edition:: Sin títuloClasificación CDD: 005.8 Clasificación LoC:QA76.9.A25Recursos en línea: Libro electrónicoTipo de ítem | Biblioteca actual | Colección | Signatura | Copia número | Estado | Fecha de vencimiento | Código de barras |
---|---|---|---|---|---|---|---|
Libro Electrónico | Biblioteca Electrónica | Colección de Libros Electrónicos | QA76.9 .A25 (Browse shelf(Abre debajo)) | 1 | No para préstamo | 372478-2001 |
The Need for Quantifying Security -- Attack Graph Techniques -- The Common Vulnerability Scoring System (CVSS) -- Security Risk Analysis of Enterprise Networks Using Attack Graphs -- Conclusion.
Protection of enterprise networks from malicious intrusions is critical to the economy and security of our nation. This article gives an overview of the techniques and challenges for security risk analysis of enterprise networks. A standard model for security analysis will enable us to answer questions such as “are we more secure than yesterday” or “how does the security of one network configuration compare with another one”. In this article, we will present a methodology for quantitative security risk analysis that is based on the model of attack graphs and the Common Vulnerability Scoring System (CVSS). Our techniques analyze all attack paths through a network, for an attacker to reach certain goal(s).
19