A Survey on Security Metrics
نویسندگان
چکیده
The importance of security metrics can hardly be overstated. Despite the attention that has been paid by the academia, government and industry in the past decades, this important problem stubbornly remains open. In this survey, we present a survey of knowledge on security metrics. The survey is centered on a novel taxonomy, which classifies security metrics into four categories: metrics for measuring the system vulnerabilities, metrics for measuring the defenses, metrics for measuring the threats, and metrics for measuring the situations. The insight underlying the taxonomy is that situations (or outcomes of cyber attack-defense interactions) are caused by certain threats (or attacks) against systems that have certain vulnerabilities (including human factors) and employ certain defenses. In addition to systematically reviewing the security metrics that have been proposed in the literature, we discuss the gaps between the state of the art and the ultimate goals.
منابع مشابه
A A Survey on Systems Security Metrics
Security metrics have received significant attention. However, they have not been systematically explored based on the understanding of attack-defense interactions, which are affected by various factors, including the degree of system vulnerabilities, the power of system defense mechanisms, attack (or threat) severity, and situations a system at risk faces. This survey particularly focuses on h...
متن کاملA Survey of Landscape Metrics and Land-use/land-cover Structures on Urban Heat Islands Surface: A Case Study on Urmia City, Iran
Urbanization is developing unprecedentedly on a global scale. One of the chief repercussions of urbanization, caused by man-made alterations in land-use/land-cover (LULC), is the formation of urban heat islands. Albeit, differences among landscape structures and its accompanied effects on the environment are mostly neglected. Accordingly, the main objective of this study is to survey the variou...
متن کاملA Novel Security Metrics Taxonomy for R&D Organisations
In order to obtain evidence of the security and privacy issues of products, services or an organization, systematic approaches to measuring security are needed. In this study we survey the emerging security metrics approaches from the academic, governmental and industrial perspectives. We aim to bridge the gaps between business management, information security management and ICT product securit...
متن کاملAnni Sademies Process Approach to Information Security Metrics in Finnish Industry and State Institutions
In todays information technology world, there is a growing need for security solutions: information systems are more and more vulnerable because of the increased complexity and interconnection of insecure components and networks. Even though appropriate security approaches can be found, the resulting security level often remains unknown. It is a widely accepted principle that an activity canno...
متن کاملSecurity as a theoretical attribute construct
This paper provides an overview of the field of security metrics and discusses results of a survey of security experts on the topic. It describes a new framework for developing security metrics that focuses on effectiveness measures while maintaining measures of correctness. It introduces a view of security as a theoretical concept which encapsulates multiple aspects of a system. Viewing securi...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- CoRR
دوره abs/1601.05792 شماره
صفحات -
تاریخ انتشار 2016