Return to search

Quantifying Computer Network Security

Simplifying network security data to the point that it is readily accessible and usable by a wider audience is increasingly becoming important, as networks become larger and security conditions and threats become more dynamic and complex, requiring a broader and more varied security staff makeup. With the need for a simple metric to quantify the security level on a network, this thesis proposes: simplify a network’s security risk level into a simple metric. Methods for this simplification of an entire network’s security level are conducted on several characteristic networks. Identification of computer network port vulnerabilities from NIST’s Network Vulnerability Database (NVD) are conducted, and via utilization of NVD’s Common Vulnerability Scoring System values, composite scores are created for each computer on the network, and then collectively a composite score is computed for the entire network, which accurately represents the health of the entire network. Special concerns about small numbers of highly vulnerable computers or especially critical members of the network are confronted.

Identiferoai:union.ndltd.org:WKU/oai:digitalcommons.wku.edu:theses-2120
Date01 December 2011
CreatorsBurchett, Ian
PublisherTopSCHOLAR®
Source SetsWestern Kentucky University Theses
Detected LanguageEnglish
Typetext
Formatapplication/pdf
SourceMasters Theses & Specialist Projects

Page generated in 0.0017 seconds