A framework for security quantification of networked machines

Widespread application of computer network has evoked a lot of interest for cyber attackers to target these systems. In addition to cryptography based protective techniques such as authentication and authorization, several defense measures, like Intrusion Detection and Tolerance, and tools are employed to protect networks thereby, making security a critical issue. Therefore, the need for defining, structuring, and quantifying security arises as a necessary first step towards measuring the effectiveness of security related deployments. This work proposes a structured approach to define and analyze security related metrics for intrusion tolerant systems for each individual host in the network and compose them in a meaningful way to provide an overall security quantification for a network. The dynamics of each machine against a particular vulnerability is modeled as a (hidden) Markov process to capture uncertainties in attacker´s action and system response. Based on these stochastic analysis, security metrics of each machine are calculated which are subsequently used in the final computation of the security metrics of the network.