Content area
Full Text
Abstract
In this paper, we propose a new and simple metrics for evaluating network security. The proposed metrics are based on the existence of network vulnerabilities in the network. The proposed metrics are different with our previous metrics proposed in [11]. Exploited Vulnerability Percentage (EVP) metric, Vulnerable Host Percentage (VHP) metric and Density of Network Vulnerability (DNV) metric can be used to evaluate the security of a given network quickly because the calculation is not accompanied by path analysis. In the simulation section we provide a table of simulation results and two dimensional graphs in Cartesian coordinates. Analysis of simulation results and future works are also provided at the end part of this paper.
Keywords: Network Security, Metrics, Network Evaluation, Exploited Vulnerability, Vulnerable Host, Vulnerability Density.
(ProQuest: ... denotes formulae omitted.)
1. Introduction
The world is becoming more interconnected with the emergence of internet and new network technologies. There is a large amount of personal information, commercial, military, and government on the network infrastructure around the world. Network security is important because intellectual property can be easily obtained via the internet.
Network security is vital to any organization. A network with weak security has high risk for attack by the attacker. The attack by the attacker will cause a security incident. Security incidents will cause harm to the organization, including lost data, deleted data or damage the server. Security incidents can also cause loss of reputation and loss of good outsourcing relationship. Thus, organizations should consider security as one of the main parameters to reduce this loss to build a new business.
Each network can be regarded as a collection of systems that provide various services to its clients or users. When considering security, the measurement of security metrics must be able to produce a value and expressed as real number or percentage.
In this paper, we present a new metrics for evaluating network security based on the existence of vulnerability in the network. These metrics are Exploited Vulnerability Percentage (EVP) metric and Vulnerable Host Percentage (VHP) metric and Density of Network Vulnerability (DNV) metric. We discuss these metrics in Sect. III. We give a definition of our proposed metrics and provide a simulation study.
The organization of the paper is as follows. First,...