Objective metrics for firewall security: A holistic view

Mohammed Noraden Alsaleh; Saeed Al-Haj; Ehab Al-Shaer

doi:10.1109/CNS.2013.6682762

Objective metrics for firewall security: A holistic view

Mohammed Noraden Alsaleh
, Saeed Al-Haj
, Ehab Al-Shaer

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

4 Scopus citations

Abstract

Firewalls are the primary security devices in cyber defense. Yet, the security of firewalls depends on the quality of protection provided by the firewall policy. The lack of metrics and attack incident data makes measuring the security of firewall policies a challenging task. In this paper, we present a new set of quantitative metrics that can be used to measure, as well as, compare the security level of firewall policies in an enterprise network. The proposed metrics measure the risk of attacks on the network that is imposed due to weaknesses in the firewall policy. We also measure the feasibility of mitigating or removing that risk. The presented metrics are proven to be (1) valid as compared with the ground truth, and (2) practically useful as each one implies actionable security hardening.

Original language	English
Title of host publication	2013 IEEE Conference on Communications and Network Security, CNS 2013
Publisher	IEEE Computer Society
Pages	470-477
Number of pages	8
ISBN (Print)	9781479908950
DOIs	https://doi.org/10.1109/CNS.2013.6682762
State	Published - 2013
Externally published	Yes

Publication series

Name	2013 IEEE Conference on Communications and Network Security, CNS 2013

ASJC Scopus subject areas

Computer Networks and Communications

Access to Document

10.1109/CNS.2013.6682762

Cite this

@inproceedings{fddba3231a184f27a3063b4dd1fc438b,

title = "Objective metrics for firewall security: A holistic view",

abstract = "Firewalls are the primary security devices in cyber defense. Yet, the security of firewalls depends on the quality of protection provided by the firewall policy. The lack of metrics and attack incident data makes measuring the security of firewall policies a challenging task. In this paper, we present a new set of quantitative metrics that can be used to measure, as well as, compare the security level of firewall policies in an enterprise network. The proposed metrics measure the risk of attacks on the network that is imposed due to weaknesses in the firewall policy. We also measure the feasibility of mitigating or removing that risk. The presented metrics are proven to be (1) valid as compared with the ground truth, and (2) practically useful as each one implies actionable security hardening.",

author = "Alsaleh, \{Mohammed Noraden\} and Saeed Al-Haj and Ehab Al-Shaer",

year = "2013",

doi = "10.1109/CNS.2013.6682762",

language = "English",

isbn = "9781479908950",

series = "2013 IEEE Conference on Communications and Network Security, CNS 2013",

publisher = "IEEE Computer Society",

pages = "470--477",

booktitle = "2013 IEEE Conference on Communications and Network Security, CNS 2013",

address = "United States",

}

Objective metrics for firewall security: A holistic view. / Alsaleh, Mohammed Noraden; Al-Haj, Saeed; Al-Shaer, Ehab.
2013 IEEE Conference on Communications and Network Security, CNS 2013. IEEE Computer Society, 2013. p. 470-477 6682762 (2013 IEEE Conference on Communications and Network Security, CNS 2013).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Objective metrics for firewall security

T2 - A holistic view

AU - Alsaleh, Mohammed Noraden

AU - Al-Haj, Saeed

AU - Al-Shaer, Ehab

PY - 2013

Y1 - 2013

N2 - Firewalls are the primary security devices in cyber defense. Yet, the security of firewalls depends on the quality of protection provided by the firewall policy. The lack of metrics and attack incident data makes measuring the security of firewall policies a challenging task. In this paper, we present a new set of quantitative metrics that can be used to measure, as well as, compare the security level of firewall policies in an enterprise network. The proposed metrics measure the risk of attacks on the network that is imposed due to weaknesses in the firewall policy. We also measure the feasibility of mitigating or removing that risk. The presented metrics are proven to be (1) valid as compared with the ground truth, and (2) practically useful as each one implies actionable security hardening.

AB - Firewalls are the primary security devices in cyber defense. Yet, the security of firewalls depends on the quality of protection provided by the firewall policy. The lack of metrics and attack incident data makes measuring the security of firewall policies a challenging task. In this paper, we present a new set of quantitative metrics that can be used to measure, as well as, compare the security level of firewall policies in an enterprise network. The proposed metrics measure the risk of attacks on the network that is imposed due to weaknesses in the firewall policy. We also measure the feasibility of mitigating or removing that risk. The presented metrics are proven to be (1) valid as compared with the ground truth, and (2) practically useful as each one implies actionable security hardening.

UR - https://www.scopus.com/pages/publications/84893598691

U2 - 10.1109/CNS.2013.6682762

DO - 10.1109/CNS.2013.6682762

M3 - Conference contribution

AN - SCOPUS:84893598691

SN - 9781479908950

T3 - 2013 IEEE Conference on Communications and Network Security, CNS 2013

SP - 470

EP - 477

BT - 2013 IEEE Conference on Communications and Network Security, CNS 2013

PB - IEEE Computer Society

ER -

Objective metrics for firewall security: A holistic view

Abstract

Publication series

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this