A comprehensive approach to enterprise network security management

K-REx Repository

Show simple item record

dc.contributor.author Homer, John
dc.date.accessioned 2009-05-05T15:32:45Z
dc.date.available 2009-05-05T15:32:45Z
dc.date.issued 2009-05-05T15:32:45Z
dc.identifier.uri http://hdl.handle.net/2097/1372
dc.description.abstract Enterprise network security management is a vitally important task, more so now than ever before. Networks grow ever larger and more complex, and corporations, universities, government agencies, etc. rely heavily on the availability of these networks. Security in enterprise networks is constantly threatened by thousands of known software vulnerabilities, with thousands more discovered annually in a wide variety of applications. An overwhelming amount of data is relevant to the ongoing protection of an enterprise network. Previous works have addressed the identification of vulnerabilities in a given network and the aggregated collection of these vulnerabilities in an attack graph, clearly showing how an attacker might gain access to or control over network resources. These works, however, do little to address how to evaluate or properly utilize this information. I have developed a comprehensive approach to enterprise network security management. Compared with previous methods, my approach realizes these issues as a uniform desire for provable mitigation of risk within an enterprise network. Attack graph simplification is used to improve user comprehension of the graph data and to enable more efficient use of the data in risk assessment. A sound and effective quantification of risk within the network produces values that can form a basis for valuation policies necessary for the application of a SAT solving technique. SAT solving resolves policy conflicts and produces an optimal reconfiguration, based on the provided values, which can be verified by a knowledgeable human user for accuracy and applicability within the context of the enterprise network. Empirical study shows the effectiveness and efficiency of these approaches, and also indicates promising directions for improvements to be explored in future works. Overall, this research comprises an important step toward a more automated security management initiative. en
dc.language.iso en_US en
dc.publisher Kansas State University en
dc.subject Enterprise network security analysis en
dc.subject Risk assessment en
dc.subject Attack Graph en
dc.subject Enterprise network configuration management en
dc.subject Security metric en
dc.title A comprehensive approach to enterprise network security management en
dc.type Dissertation en
dc.description.degree Doctor of Philosophy en
dc.description.level Doctoral en
dc.description.department Department of Computing and Information Sciences en
dc.description.advisor Xinming (Simon) Ou en
dc.subject.umi Computer Science (0984) en
dc.date.published 2009 en
dc.date.graduationmonth May en


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search K-REx


Advanced Search

Browse

My Account

Statistics








Center for the

Advancement of Digital

Scholarship

cads@k-state.edu