Network Security Metrics: Estimating the Resilience of Networks Against Zero Day Attacks

Zhang, Mengyuan (2017) Network Security Metrics: Estimating the Resilience of Networks Against Zero Day Attacks. PhD thesis, Concordia University.

Text (application/pdf)
Zhang_PhD_S2018.pdf - Accepted Version
Available under License Spectrum Terms of Access.
3MB

Abstract

Computer networks play the role of nervous systems in many critical infrastructures, governmental and military organizations, and enterprises today. Protecting such mission-critical networks means more than just patching known vulnerabilities and deploying firewalls or IDSs. Proper metrics are needed to evaluate the security level of networks and to provide security-enhanced solutions. However, without considering unknown zero-day vulnerabilities, security metrics are insufficient to capture the true security level of a network. My Ph.D. work aims to develop a series of novel network security metrics, with a special focus on modeling zero day attacks, and to study the relationships between software features and vulnerabilities.

In the first work, we take the first step toward formally modeling network diversity as a security metric by designing and evaluating a series of diversity metrics. In particular, we first devise a biodiversity-inspired metric based on the effective number of distinct resources. We then propose two complementary diversity metrics, based on the least and the average attacking efforts, respectively.

In the second topic, we lift the attack surface concept, which calculates the intrinsic properties of software applications, to the network level as a security metric for evaluating the resilience of networks against potential zero day attacks. First, we develop models for aggregating the attack surface among different resources inside a network. Second, we design heuristic algorithms to avoid the costly calculation of attack surface.

Predicting and studying software vulnerabilities helps administrators improve security deployment for their organizations and choose the right applications among those with similar functionality, and helps software vendors estimate the security level of their software applications. In the third topic, we perform a large-scale empirical study on datasets from GitHub and different versions of Chrome to study the relationship between software features and the number of vulnerabilities. This study quantitatively demonstrates the importance of features in the vulnerability discovery process based on machine learning techniques, which provides inputs for network-level security metrics. Those features could serve as inputs for future network security metrics.

Divisions: Concordia University > Gina Cody School of Engineering and Computer Science > Concordia Institute for Information Systems Engineering
Item Type: Thesis (PhD)
Authors: Zhang, Mengyuan
Institution: Concordia University
Degree Name: Ph. D.
Program: Information and Systems Engineering
Date: December 2017
Thesis Supervisor(s): Wang, Lingyu
ID Code: 983529
Deposited By: MENGYUAN ZHANG
Deposited On: 05 Jun 2018 14:44
Last Modified: 01 Sep 2019 00:00
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.
