In this paper, we propose a novel network security metric, k-zero day safety. This is among the first efforts on network security metrics that is capable of modeling the security risk of unknown zero-day attacks. The metric would bring about new opportunities to the quantitative evaluation, hardening, and design of secure networks. We then studied the complexity of computing the metric and proposed efficient algorithms for determining the metric value. Next, we applied the proposed metric to the practical issue of network hardening and extended the metric to characterize various hardening options; we formally define the metric, analyze the complexity of computing the metric, devise heuristic algorithms for intractable cases, and finally demonstrate through case studies that applying the metric to existing network security practices may generate actionable knowledge.
You are here: Home / ieee projects 2014 / A Novel Network Security Metric Computation and Application