Analysis of Attack Graph-based Metrics for Quantification of Network Security

Computer network has grown both in size and complexity with the advent of Internet. It facilitates easy access to vast store of reference materials, collaborative computing, and information sharing. However, this requires a secure interconnected world of computing where confidentiality, integrity, and availability of information and resources are restored. Traditionally, security mechanism is enforced by access control and authentication. However, these security best practices do not take operating system, or network service-based or application vulnerabilities (programming flaws) into account. With the evolution of sophisticated hacking tools, attackers exploit these vulnerabilities and can gain legitimate access to network resources, bypassing the access control and authentication policies. One tool that presents a succinct representation of different attack scenarios specific to a network is attack graph. Attack graph models service or application-based attacks and depicts all possible multihost multi-step attack scenarios that an attacker can launch to penetrate into an enterprise network. The severity associated with each attack scenario can be evaluated following some attack graph-based security metrics. A good number of security metrics are prevalent in the literature, however, there exists no reported work which determines their efficacy and applicability. In this paper, a survey on attack graph-based metrics has been done and comparative analysis of the existing metrics has been presented to facilitate understanding of a given network's level of security strength. A case study has been perceived for the purpose of analysis.