Show simple item record

dc.contributor.authorMunir, Rashid*
dc.contributor.authorPagna Disso, Jules F.*
dc.contributor.authorAwan, Irfan U.*
dc.contributor.authorMufti, Muhammad R.*
dc.date.accessioned2016-10-07T14:35:28Z
dc.date.available2016-10-07T14:35:28Z
dc.date.issued2013
dc.identifier.citationMunir R, Pagna Disso J, Awan IU and Mufti MR (2013) A quantitative measure of the security risk level of enterprise networks. In: Proceedings of the 8th International Conference on Broadband and Wireless Computing, Communication and Applications. 28-30 Octr 2013. Compiegne, France. IEEE: 437-442.
dc.identifier.urihttp://hdl.handle.net/10454/9694
dc.descriptionNo
dc.description.abstractAlong with the tremendous expansion of information technology and networking, the number of malicious attacks which cause disruption to business processes has concurrently increased. Despite such attacks, the aim for network administrators is to enable these systems to continue delivering the services they are intended for. Currently, many research efforts are directed towards securing network further whereas, little attention has been given to the quantification of network security which involves assessing the vulnerability of these systems to attacks. In this paper, a method is devised to quantify the security level of IT networks. This is achieved by electronically scanning the network using the vulnerability scanning tool (Nexpose) to identify the vulnerability level at each node classified according to the common vulnerability scoring system standards (critical, severe and moderate). Probabilistic approach is then applied to calculate an overall security risk level of sub networks and entire network. It is hoped that these metrics will be valuable for any network administrator to acquire an absolute risk assessment value of the network. The suggested methodology has been applied to a computer network of an existing UK organization with 16 nodes and a switch.
dc.relation.isreferencedbyhttp://dx.doi.org/10.1109/BWCCA.2013.76
dc.subjectEnterprise network security; Network security; Vulnerability analysis; Security assessment; NIST
dc.titleA quantitative measure of the security risk level of enterprise networks
dc.status.refereedYes
dc.typeConference Paper
dc.type.versionNo full-text available in the repository


This item appears in the following Collection(s)

Show simple item record