Towards autonomic risk-aware security configuration

Mohammad Salim Ahmed; Ehab Al-Shaer; Mohamed Mahmoud Taibah; Muhammad Abedin; Latifur Khan

doi:10.1109/NOMS.2008.4575198

Towards autonomic risk-aware security configuration

Mohammad Salim Ahmed
, Ehab Al-Shaer
, Mohamed Mahmoud Taibah
, Muhammad Abedin
, Latifur Khan

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

10 Scopus citations

Abstract

Security of a network depends on a number of dynamically changing factors. These include emergence of new vulnerabilities and threats, policy structure and network traffic. Due to the dynamic nature of these factors, identifying security metrics that measure objectively the quality of security configuration pose a major challenge. Moreover, this evaluation must be done dynamically to handle real time changes in the threat toward the network. In this paper, we extend our security metric framework [2] that identifies and quantifies objectively the most significant security risk factors, which include existing vulnerabilities, historical trend of vulnerabilities of remotely accessible services, prediction of potential vulnerabilities for any general network service and their estimated severity and finally propagation of an attack within the network. We have implemented this framework as a user-friendly tool called Risk based prOactive seCurity cOnfiguration maNAger (ROCONA) and showed how this tool simplifies security configuration management using risk measurement and mitigation.

Original language	English
Title of host publication	NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium
Subtitle of host publication	Pervasive Management for Ubiquitous Networks and Services
Pages	722-725
Number of pages	4
DOIs	https://doi.org/10.1109/NOMS.2008.4575198
State	Published - 2008
Externally published	Yes
Event	NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services - Salvador - Bahia, Brazil Duration: 7 Apr 2008 → 11 Apr 2008

Publication series

Name	NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services

Conference

Conference	NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services
Country/Territory	Brazil
City	Salvador - Bahia
Period	7/04/08 → 11/04/08

ASJC Scopus subject areas

Computer Networks and Communications
Information Systems

Access to Document

10.1109/NOMS.2008.4575198

Cite this

Ahmed, M. S., Al-Shaer, E., Taibah, M. M., Abedin, M., & Khan, L. (2008). Towards autonomic risk-aware security configuration. In NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services (pp. 722-725). Article 4575198 (NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services). https://doi.org/10.1109/NOMS.2008.4575198

Ahmed, Mohammad Salim ; Al-Shaer, Ehab ; Taibah, Mohamed Mahmoud et al. / Towards autonomic risk-aware security configuration. NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services. 2008. pp. 722-725 (NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services).

@inproceedings{c4a5bc8c9fb44fe08d6a668ac06676a6,

title = "Towards autonomic risk-aware security configuration",

abstract = "Security of a network depends on a number of dynamically changing factors. These include emergence of new vulnerabilities and threats, policy structure and network traffic. Due to the dynamic nature of these factors, identifying security metrics that measure objectively the quality of security configuration pose a major challenge. Moreover, this evaluation must be done dynamically to handle real time changes in the threat toward the network. In this paper, we extend our security metric framework [2] that identifies and quantifies objectively the most significant security risk factors, which include existing vulnerabilities, historical trend of vulnerabilities of remotely accessible services, prediction of potential vulnerabilities for any general network service and their estimated severity and finally propagation of an attack within the network. We have implemented this framework as a user-friendly tool called Risk based prOactive seCurity cOnfiguration maNAger (ROCONA) and showed how this tool simplifies security configuration management using risk measurement and mitigation.",

author = "Ahmed, \{Mohammad Salim\} and Ehab Al-Shaer and Taibah, \{Mohamed Mahmoud\} and Muhammad Abedin and Latifur Khan",

year = "2008",

doi = "10.1109/NOMS.2008.4575198",

language = "English",

isbn = "9781424420667",

series = "NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services",

pages = "722--725",

booktitle = "NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium",

note = "NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services ; Conference date: 07-04-2008 Through 11-04-2008",

}

Ahmed, MS, Al-Shaer, E, Taibah, MM, Abedin, M & Khan, L 2008, Towards autonomic risk-aware security configuration. in NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services., 4575198, NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services, pp. 722-725, NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services, Salvador - Bahia, Brazil, 7/04/08. https://doi.org/10.1109/NOMS.2008.4575198

Towards autonomic risk-aware security configuration. / Ahmed, Mohammad Salim; Al-Shaer, Ehab; Taibah, Mohamed Mahmoud et al.
NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services. 2008. p. 722-725 4575198 (NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Towards autonomic risk-aware security configuration

AU - Ahmed, Mohammad Salim

AU - Al-Shaer, Ehab

AU - Taibah, Mohamed Mahmoud

AU - Abedin, Muhammad

AU - Khan, Latifur

PY - 2008

Y1 - 2008

N2 - Security of a network depends on a number of dynamically changing factors. These include emergence of new vulnerabilities and threats, policy structure and network traffic. Due to the dynamic nature of these factors, identifying security metrics that measure objectively the quality of security configuration pose a major challenge. Moreover, this evaluation must be done dynamically to handle real time changes in the threat toward the network. In this paper, we extend our security metric framework [2] that identifies and quantifies objectively the most significant security risk factors, which include existing vulnerabilities, historical trend of vulnerabilities of remotely accessible services, prediction of potential vulnerabilities for any general network service and their estimated severity and finally propagation of an attack within the network. We have implemented this framework as a user-friendly tool called Risk based prOactive seCurity cOnfiguration maNAger (ROCONA) and showed how this tool simplifies security configuration management using risk measurement and mitigation.

AB - Security of a network depends on a number of dynamically changing factors. These include emergence of new vulnerabilities and threats, policy structure and network traffic. Due to the dynamic nature of these factors, identifying security metrics that measure objectively the quality of security configuration pose a major challenge. Moreover, this evaluation must be done dynamically to handle real time changes in the threat toward the network. In this paper, we extend our security metric framework [2] that identifies and quantifies objectively the most significant security risk factors, which include existing vulnerabilities, historical trend of vulnerabilities of remotely accessible services, prediction of potential vulnerabilities for any general network service and their estimated severity and finally propagation of an attack within the network. We have implemented this framework as a user-friendly tool called Risk based prOactive seCurity cOnfiguration maNAger (ROCONA) and showed how this tool simplifies security configuration management using risk measurement and mitigation.

UR - https://www.scopus.com/pages/publications/51849152481

U2 - 10.1109/NOMS.2008.4575198

DO - 10.1109/NOMS.2008.4575198

M3 - Conference contribution

AN - SCOPUS:51849152481

SN - 9781424420667

T3 - NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services

SP - 722

EP - 725

BT - NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium

T2 - NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services

Y2 - 7 April 2008 through 11 April 2008

ER -

Ahmed MS, Al-Shaer E, Taibah MM, Abedin M, Khan L. Towards autonomic risk-aware security configuration. In NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services. 2008. p. 722-725. 4575198. (NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services). doi: 10.1109/NOMS.2008.4575198

Towards autonomic risk-aware security configuration

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this