Cyber Security Analytics: A Stochastic Model for Security Quantification Using Absorbing Markov Chains

Subil Abraham and Suku Nair
Southern Methodist University, Dallas 75275, USA

Abstract—Most of the current research in security analysis has been centered on identifying threats and vulnerabilities and providing suitable defense mechanisms to improve the robustness of the network and systems. While this approach is attractive, it provides limited insight into the impact these attacks have on the overall security goals of the network and the system. The attack graph as a model lends itself nicely to the analysis of the security state of a network. Most of the attack-graph-based metrics proposed in the literature are one-dimensional; however, the research community has acknowledged that security needs to be treated as a multidimensional concept. In this paper, we utilize stochastic modeling techniques using attack graphs to define a complementary suite of quantitative metrics to aid the security engineer in visualizing the current as well as future security state of the network and optimizing the necessary steps to harden the enterprise network from external threats. We present experimental results from applying this model on a sample network to demonstrate the practicality of our approach.

Index Terms—Attack graph, CVSS, Markov model, security evaluation, cyber situational awareness

Cite: Subil Abraham and Suku Nair, "Cyber Security Analytics: A Stochastic Model for Security Quantification Using Absorbing Markov Chains," Journal of Communications, vol. 9, no. 12, pp. 899-907, 2014. DOI: 10.12720/jcm.9.12.899-907