A composite network security assessment

Abstract

This paper presents a new concept of security assessment methodology while promoting several areas of its application. Attack pattern analysis, network security monitoring locally or remotely are the major application areas of this concept. Instead of testing each asset or a network node separately by applying repetitive attacks and assessments, the composite system generates and executes attacks once, composes risk data, and uses the risk data for the entire network in order to perform the overall assessment. This unique approach can be used as a model to guide development of intrusion detection systems, intelligent network security analysis, monitoring systems, and also as a complementary function in information security test and evaluation laboratories. © 2008 IEEE.