Skip to main content
SpringerLink
Log in
Book cover

Quantitative Security Risk Assessment of Enterprise Networks

  • Book
  • © 2011

Overview

Authors:
  1. Xinming Ou

    1. , Computing and Information Sciences, Kansas State University, Manhattan, USA

    View author publications

    You can also search for this author in PubMed   Google Scholar

  2. Anoop Singhal

    1. and Technology (NIST), Computer Security Division, National Institute of Standards, Gaithersburg, USA

    View author publications

    You can also search for this author in PubMed   Google Scholar

Part of the book series: SpringerBriefs in Computer Science (BRIEFSCOMPUTER)

This is a preview of subscription content, log in via an institution to check access.

Access this book

Log in via an institution
eBook USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Other ways to access

Licence this eBook for your library

Institutional subscriptions

Table of contents (5 chapters)

  1. Front Matter

    Pages i-xiii
    Download chapter PDF

  2. The Need for Quantifying Security

    • Xinming Ou, Anoop Singhal
    Pages 1-3

  3. Attack Graph Techniques

    • Xinming Ou, Anoop Singhal
    Pages 5-8

  4. The Common Vulnerability Scoring System (CVSS)

    • Xinming Ou, Anoop Singhal
    Pages 9-12

  5. Security Risk Analysis of Enterprise Networks Using Attack Graphs

    • Xinming Ou, Anoop Singhal
    Pages 13-23

  6. Conclusion

    • Xinming Ou, Anoop Singhal
    Pages 25-28
Back to top

Keywords

About this book

Protection of enterprise networks from malicious intrusions is critical to the economy and security of our nation. This article gives an overview of the techniques and challenges for security risk analysis of enterprise networks. A standard model for security analysis will enable us to answer questions such as “are we more secure than yesterday” or “how does the security of one network configuration compare with another one”. In this article, we will present a methodology for quantitative security risk analysis that is based on the model of attack graphs and the Common Vulnerability Scoring System (CVSS). Our techniques analyze all attack paths through a network, for an attacker to reach certain goal(s).

Authors and Affiliations

  • , Computing and Information Sciences, Kansas State University, Manhattan, USA

    Xinming Ou

  • and Technology (NIST), Computer Security Division, National Institute of Standards, Gaithersburg, USA

    Anoop Singhal

Bibliographic Information

Publish with us

Policies and ethics

Back to top

Search

Navigation