Comparing Electronic Battlefields: Using Mean Time-to-Compromise as a Comparative Security Metric

D. Leversage and E.J. Byres, “Comparing Electronic Battlefields: Using Mean Time-to-Compromise as a Comparative Security Metric,Communications in Computer and Information Science - Computer Network Security, Proceedings of the Fourth International Conference on Mathematical Methods, Models and Architectures for Computer Network Security, St. Petersburg, Russia, Springer, 2007, pp. 213-227.

Abstract: The ability to efficiently compare differing security solutions for effectiveness is often considered lacking from a management perspective. To address this we propose a methodology for estimating the mean time-to-compromise (MTTC) of a target device or network as a comparative metric. A topological map of the target system is divided into attack zones, allowing each zone to be described with its own state-space model (SSM). We then employ a SSM based on models used in the biological sciences to predict animal behavior in the context of predator prey relationships.

Markov chains identify predominant attacker strategies which are used to build the MTTC intervals which can be compared for a broad range of mitigating actions. This allows security architects and managers to intelligently select the most effective solution, based on the lowest cost/MTTC ratio that still exceeds a benchmark level.

Copyright: © Springer-Verlag Berlin Heidelberg 2007

Downloadable PDF Data sheet for the Modbus TCP Enforcer - describes features and benefits for modbus security Comparing Electronic Battlefields - White Paper (349kb)