On stochastic risk ordering of network services for proactive security management

Mohamed Amezziane; Ehab Al-Shaer; Muhammad Qasim Ali

doi:10.1109/NOMS.2012.6212020

On stochastic risk ordering of network services for proactive security management

Mohamed Amezziane, Ehab Al-Shaer, Muhammad Qasim Ali

Statistics, Actuarial & Data Sciences

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

2 Scopus citations

Abstract

Contemporary network services don't have any statistical ranking mechanism for proactive security management. Since the emerging threats are actively exploiting the vulnerabilities in network services to compromise the system, not much attention has been paid to rank these services based on their vulnerability history. We argue in this paper that a reliable mechanism could be used to rank these services based on their vulnerability history. Such ranking will be significantly helpful for proactive network security management to partition services and deploy security countermeasures. We propose a framework using stochastic order alternatives to statistically rank network services based on time intervals between exploits as reported by National Vulnerability Database (NVD). We show that Statistical techniques can be used to rank these services by modeling the related metrics. We validated our technique using products of known ranking, and presented some case studies to confirm our result on real network services.

Original language	English
Title of host publication	Proceedings of the 2012 IEEE Network Operations and Management Symposium, NOMS 2012
Pages	994-1000
Number of pages	7
DOIs	https://doi.org/10.1109/NOMS.2012.6212020
State	Published - 2012
Event	2012 IEEE Network Operations and Management Symposium, NOMS 2012 - Maui, HI, United States Duration: Apr 16 2012 → Apr 20 2012

Publication series

Name	Proceedings of the 2012 IEEE Network Operations and Management Symposium, NOMS 2012

Conference

Conference	2012 IEEE Network Operations and Management Symposium, NOMS 2012
Country/Territory	United States
City	Maui, HI
Period	04/16/12 → 04/20/12

Access to Document

10.1109/NOMS.2012.6212020

Cite this

Amezziane, M., Al-Shaer, E., & Ali, M. Q. (2012). On stochastic risk ordering of network services for proactive security management. In Proceedings of the 2012 IEEE Network Operations and Management Symposium, NOMS 2012 (pp. 994-1000). Article 6212020 (Proceedings of the 2012 IEEE Network Operations and Management Symposium, NOMS 2012). https://doi.org/10.1109/NOMS.2012.6212020

@inproceedings{d8e3df84cd4b4297a1aaeadb0aae1410,

title = "On stochastic risk ordering of network services for proactive security management",

abstract = "Contemporary network services don't have any statistical ranking mechanism for proactive security management. Since the emerging threats are actively exploiting the vulnerabilities in network services to compromise the system, not much attention has been paid to rank these services based on their vulnerability history. We argue in this paper that a reliable mechanism could be used to rank these services based on their vulnerability history. Such ranking will be significantly helpful for proactive network security management to partition services and deploy security countermeasures. We propose a framework using stochastic order alternatives to statistically rank network services based on time intervals between exploits as reported by National Vulnerability Database (NVD). We show that Statistical techniques can be used to rank these services by modeling the related metrics. We validated our technique using products of known ranking, and presented some case studies to confirm our result on real network services.",

author = "Mohamed Amezziane and Ehab Al-Shaer and Ali, {Muhammad Qasim}",

year = "2012",

doi = "10.1109/NOMS.2012.6212020",

language = "English",

isbn = "9781467302685",

series = "Proceedings of the 2012 IEEE Network Operations and Management Symposium, NOMS 2012",

pages = "994--1000",

booktitle = "Proceedings of the 2012 IEEE Network Operations and Management Symposium, NOMS 2012",

note = "2012 IEEE Network Operations and Management Symposium, NOMS 2012 ; Conference date: 16-04-2012 Through 20-04-2012",

}

Amezziane, M, Al-Shaer, E & Ali, MQ 2012, On stochastic risk ordering of network services for proactive security management. in Proceedings of the 2012 IEEE Network Operations and Management Symposium, NOMS 2012., 6212020, Proceedings of the 2012 IEEE Network Operations and Management Symposium, NOMS 2012, pp. 994-1000, 2012 IEEE Network Operations and Management Symposium, NOMS 2012, Maui, HI, United States, 04/16/12. https://doi.org/10.1109/NOMS.2012.6212020

On stochastic risk ordering of network services for proactive security management. / Amezziane, Mohamed; Al-Shaer, Ehab; Ali, Muhammad Qasim.
Proceedings of the 2012 IEEE Network Operations and Management Symposium, NOMS 2012. 2012. p. 994-1000 6212020 (Proceedings of the 2012 IEEE Network Operations and Management Symposium, NOMS 2012).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - On stochastic risk ordering of network services for proactive security management

AU - Amezziane, Mohamed

AU - Al-Shaer, Ehab

AU - Ali, Muhammad Qasim

PY - 2012

Y1 - 2012

N2 - Contemporary network services don't have any statistical ranking mechanism for proactive security management. Since the emerging threats are actively exploiting the vulnerabilities in network services to compromise the system, not much attention has been paid to rank these services based on their vulnerability history. We argue in this paper that a reliable mechanism could be used to rank these services based on their vulnerability history. Such ranking will be significantly helpful for proactive network security management to partition services and deploy security countermeasures. We propose a framework using stochastic order alternatives to statistically rank network services based on time intervals between exploits as reported by National Vulnerability Database (NVD). We show that Statistical techniques can be used to rank these services by modeling the related metrics. We validated our technique using products of known ranking, and presented some case studies to confirm our result on real network services.

AB - Contemporary network services don't have any statistical ranking mechanism for proactive security management. Since the emerging threats are actively exploiting the vulnerabilities in network services to compromise the system, not much attention has been paid to rank these services based on their vulnerability history. We argue in this paper that a reliable mechanism could be used to rank these services based on their vulnerability history. Such ranking will be significantly helpful for proactive network security management to partition services and deploy security countermeasures. We propose a framework using stochastic order alternatives to statistically rank network services based on time intervals between exploits as reported by National Vulnerability Database (NVD). We show that Statistical techniques can be used to rank these services by modeling the related metrics. We validated our technique using products of known ranking, and presented some case studies to confirm our result on real network services.

UR - http://www.scopus.com/inward/record.url?scp=84864196549&partnerID=8YFLogxK

U2 - 10.1109/NOMS.2012.6212020

DO - 10.1109/NOMS.2012.6212020

M3 - Conference contribution

AN - SCOPUS:84864196549

SN - 9781467302685

T3 - Proceedings of the 2012 IEEE Network Operations and Management Symposium, NOMS 2012

SP - 994

EP - 1000

BT - Proceedings of the 2012 IEEE Network Operations and Management Symposium, NOMS 2012

T2 - 2012 IEEE Network Operations and Management Symposium, NOMS 2012

Y2 - 16 April 2012 through 20 April 2012

ER -

On stochastic risk ordering of network services for proactive security management

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this