A comprehensive approach to enterprise network security management
Enterprise network security management is a vitally important task, more so now than ever before. Networks grow ever larger and more complex, and corporations, universities, government agencies, etc. rely heavily on the availability of these networks. Security in enterprise networks is constantly threatened by thousands of known software vulnerabilities, with thousands more discovered annually in a wide variety of applications. An overwhelming amount of data is relevant to the ongoing protection of an enterprise network.
Previous works have addressed the identi?cation of vulnerabilities in a given network and the aggregated collection of these vulnerabilities in an attack graph, clearly showing how an attacker might gain access to or control over network resources. These works, however, do little to address how to evaluate or properly utilize this information.
I have developed a comprehensive approach to enterprise network security management. Compared with previous methods, my approach realizes these issues as a uniform desire for provable mitigation of risk within an enterprise network. Attack graph simpli?cation is used to improve user comprehension of the graph data and to enable more efficient use of the data in risk assessment. A sound and effective quanti?cation of risk within the network produces values that can form a basis for valuation policies necessary for the application of a SAT solving technique. SAT solving resolves policy con?icts and produces an optimal recon?guration, based on the provided values, which can be veri?ed by a knowledgeable human user for accuracy and applicability within the context of the enterprise network. Empirical study shows the effectiveness and efficiency of these approaches, and also indicates promising directions for improvements to be explored in future works. Overall, this research comprises an important step toward a more automated security management initiative.
School:Kansas State University
School Location:USA - Kansas
Source Type:Master's Thesis
Keywords:enterprise network security analysis risk assessment attack graph configuration management metric computer science 0984
Date of Publication:01/01/2009