Abstract
The paper considers the main issues and recommendations for using the risk assessment techniques based on the analysis of static, dynamic and historical security information. The system of security metrics and techniques for their calculation are suggested. Proposed techniques are based on attack graphs and service dependencies. They allow evaluating security of network topologies, malefactors and attack characteristics, and integral security properties and characteristics calculated on the basis of the cost-benefit and zero-day vulnerability analysis. The approach is intended to be implemented in the framework of the FP7 EU MASSIF project.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.