Ulteriori informazioni
This book examines different aspects of network security metrics and their application to enterprise networks. One of the most pertinent issues in securing mission-critical computing networks is the lack of effective security metrics which this book discusses in detail. Since "you cannot improve what you cannot measure", a network security metric is essential to evaluating the relative effectiveness of potential network security solutions.
The authors start by examining the limitations of existing solutions and standards on security metrics, such as CVSS and attack surface, which typically focus on known vulnerabilities in individual software products or systems. The first few chapters of this book describe different approaches to fusing individual metric values obtained from CVSS scores into an overall measure of network security using attack graphs. Since CVSS scores are only available for previously known vulnerabilities, such approaches do not consider the threat of unknownattacks exploiting the so-called zero day vulnerabilities. Therefore, several chapters of this book are dedicated to develop network security metrics especially designed for dealing with zero day attacks where the challenge is that little or no prior knowledge is available about the exploited vulnerabilities, and thus most existing methodologies for designing security metrics are no longer effective.
Finally, the authors examine several issues on the application of network security metrics at the enterprise level. Specifically, a chapter presents a suite of security metrics organized along several dimensions for measuring and visualizing different aspects of the enterprise cyber security risk, and the last chapter presents a novel metric for measuring the operational effectiveness of the cyber security operations center (CSOC).
Security researchers who work on network security or security analytics related areas seeking new research topics, as well as security practitioners including network administrators and security architects who are looking for state of the art approaches to hardening their networks, will find this book helpful as a reference. Advanced-level students studying computer science and engineering will find this book useful as a secondary text.
Info autore
¿Suryadipta Majumdar is currently an Assistant Professor in the Information Security and Digital Forensics department at University at Albany - SUNY. Suryadipta received his Ph.D. on cloud security auditing from Concordia University, Canada. His research mainly focuses on cloud security, Software Defined Network (SDN) security and Internet of Things (IoT) security.
Taous Madi is currently an Experienced Researcher at Ericsson Canada. She holds a Ph.D. in Information Systems Engineering from Concordia University, Montreal. Previously, she finished her M.Sc. in mobile computing from the University of Science and Technology Houari Boumedien (USTHB), Algiers. Her research interests include cloud computing, network function virtualization security, software-defined networking security, internet of things security, machine learning and formal methods.
Yushun Wang completed his MASc in Information System Security from Concordia University. Previously, he worked as a customer network support engineer, Ericsson (China) for 12 years. He is currently working as a developer at Above Security Canada.
Azadeh Tabiban is currently a Ph.D. student at Concordia Institute for Information Systems Engineering (CIISE). She obtained her Master's degree in Information Systems Security from Concordia University, where she contributed to several research projects on cloud security auditing. Her research interest focuses on the development of more accountable and transparent virtualized environments; particularly on cloud and NFV provenance, intrusion detection, proactive auditing and secure virtualization in untrusted cloud infrastructures.
Momen Oqaily is currently working toward the Ph.D. degree in information and systems engineering at the Concordia Institute for Information Systems Engineering, Concordia University, Montreal, QC, Canada. He received hisB.S. degree in network engineering and security and the master's degree in Information Systems Engineering. His research interests include privacy and cloud computing security auditing.
Amir Alimohammadifar completed his BSc in Information Technology in 2010. He received his first master's in Information Technology, communication and computer networks from Sharif University of Technology, 2012, and his second master's in Information Systems Security from Concordia University. He is currently working as a security DevOps engineer at Gameloft Canada.
Yosr Jarraya is currently a researcher in security at Ericsson. Before that, she had a two-year MITACS postdoctoral fellowship with the company. She was previously Research Associate and Postdoctoral Fellow at Concordia University, Montreal. She received a Ph.D. in Electrical and Computer Engineering from Concordia University. She is the co-author of more than 30 research paperson topics including cloud security, network and software security, formal verification and SDN.
Makan Pourzandi is a research leader at Ericsson, Canada. He received his Ph.D. degree in Computer Science from the University of Lyon I Claude Bernard, France and a M.Sc. in parallel computing from École Normale Supérieure de Lyon, France. He has more than 20 years of experience in the fields of cyber security, Telecom and distributed systems. He co-authored a book on software security published by Springer on 2015 and is the co-inventor of 19 granted US patents. He has published more than 65 research papers in peer-reviewed scientific journals and conferences.
Lingyu Wang is a Professor at the Concordia Institute for Information Systems Engineering (CIISE) at Concordia University, Montreal, Canada. He holds the NSERC/Ericsson Senior Industrial Research Chair in SDN/NFV Security. He received his Ph.D. degree in Information Technology in 2006 from George Mason University. His research interests include cloud computing sec
Riassunto
Reviews a range of network security models that focus on combining individual metric scores obtained from standard scoring systems, such as CVSS, into an overall measure of network security.
Devotes several chapters on network security metrics specifically designed with zero day attacks in mind
Discusses various applications of network security metrics, ranging from network attack graph analytics to performance evaluation for security operation centers.
