DOI 10.17586/0021-3454-2018-61-10-873-880
UDC 004.056
A TECHNIQUE OF VISUALIZATION OF CYBERSECURITY METRICS
St. Petersburg Institute for Informatics and Automation of the RAS, Laboratory of Computer Security Problems; Programmer
A. A. Chechulin
St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences, Laboratory of Computer Security Problems;
E. V. Doynikova
St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences, Laboratory of Computer Security Problems; Post-Graduate Student
I. V. Kotenko
St. Petersburg Institute for Informatics and Automation of Russian Academy of Sciences, Laboratory of Computer Security Problems; Professor
Abstract. A technique of cybersecurity metrics visualization is proposed to support decision-making in risk analysis and countermeasure selection. The technique is used to select suitable visualization models for a predetermined set of security metrics or to create new specific models. A list of security metrics is given: metrics that characterize the network and its objects, indicators that describe attacks on network objects and characterize attackers, security incidents occurring in the system, and countermeasures, as well as integral indicators of risk and countermeasure selection that reflect the overall level of security and are used to choose protective measures. A list of visualization models and their classification is presented. A software prototype of the visualization system, developed on the basis of the proposed method, is presented. An example of the hierarchical creation of a custom visualization model for the security metrics of a corporate computer network, built with the developed prototype, is considered.
Keywords: visualization models, security metrics, cost-sensitive metrics, countermeasure selection, security assessment