DEVELOPMENT OF GRAPH-BASED SECURITY METRIC


Bibliographic Details
Main Author: Waluyo Purboyo, Tito
Format: Dissertations
Language: Indonesia
Online Access: https://digilib.itb.ac.id/gdl/view/37382
Institution: Institut Teknologi Bandung
Description
Summary: A computer network can consist of client hosts and server hosts. Vulnerabilities can be found on each host. The connectivity matrix represents the connectivity from one host to another. The vulnerability matrix represents every vulnerability on every host. An attack rule represents a rule by which an attacker exploits a vulnerability. The attacker's privilege on every host can be expressed as a status in the privilege space. In this dissertation, a graph-based network security metric was developed that can be used to evaluate the security of a network. Several graph-based network security metrics are used simultaneously, so that they form a group of graph-based network security metrics. This group of metrics is then used to evaluate a computer network. In this dissertation we produce an algorithm to generate a security status graph. The algorithm generates a table consisting of all network security statuses. From this calculated table of network security statuses, three types of graph can be constructed: the status graph, the host graph and the vulnerability graph. These graphs are constructed manually using Graphviz. All network security statuses in the table are readable by a Matlab program, so that the graph-based network security metrics can be calculated. The evaluation of a computer network is performed by measuring these network security metrics. In this study, the method used to produce the graph takes network performance into account and can be used as a tool to analyze network vulnerabilities. This gives the graph an additional capability: measuring the effect of an attack as seen from the decline in network performance. Furthermore, the choice of a countermeasure combination is made based on user requirements. If the number of vulnerabilities on each host increases, the number of countermeasure combinations increases exponentially.
In this research dissertation we construct an algorithm to produce a security status graph, a host graph and a vulnerability graph. The framework for evaluating and improving network security that results from this research is used as a reference in carrying out the experiments. The Security Metrics Group based on Attack Graph can be used to evaluate the security of a computer network. Increasing the number of hosts and vulnerabilities on the network leads to a decrease in the level of network security. Host graphs and vulnerability graphs can be generated using the framework in this dissertation.
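As an added illustration, not the dissertation's own algorithm or code: a toy Python generator of the security-status table from a constructed connectivity matrix, vulnerability matrix and attack rules, plus the countermeasure-combination count the abstract refers to. The three-host topology, the privilege levels and the form of the attack rules are assumptions made for the example.

```python
# Added example (not from the dissertation). All inputs below are constructed.
from collections import deque

HOSTS = ["client", "web", "db"]
NONE, USER, ROOT = 0, 1, 2   # assumed attacker privilege levels per host

# Connectivity matrix: CONN[i][j] == 1 means host i can reach host j.
CONN = [[1, 1, 0],
        [0, 1, 1],
        [0, 0, 1]]

# Vulnerability matrix: VULN[i][k] == 1 means vulnerability k is present on host i.
VULN = [[0, 0],
        [1, 0],
        [0, 1]]

# Attack rules (assumed form): exploiting vulnerability k on a target requires at
# least `pre` privilege on some host that can reach the target, and yields `post`.
RULES = {0: {"pre": USER, "post": USER},   # constructed: remote service flaw
         1: {"pre": USER, "post": ROOT}}   # constructed: flaw giving root on the target

def next_statuses(status):
    """Yield (new_status, (src, dst, vuln)) for each rule applicable in `status`."""
    for dst in range(len(HOSTS)):
        for k, rule in RULES.items():
            if not VULN[dst][k] or status[dst] >= rule["post"]:
                continue   # vulnerability absent, or nothing more to gain on dst
            for src in range(len(HOSTS)):
                if CONN[src][dst] and status[src] >= rule["pre"]:
                    new = list(status)
                    new[dst] = rule["post"]
                    yield tuple(new), (src, dst, k)
                    break  # one edge per (dst, vuln) is enough for the status graph

def status_graph(initial):
    """BFS over the privilege-status space: returns (all statuses, labelled edges)."""
    seen, edges, queue = {initial}, [], deque([initial])
    while queue:
        cur = queue.popleft()
        for new, label in next_statuses(cur):
            edges.append((cur, new, label))
            if new not in seen:
                seen.add(new)
                queue.append(new)
    return seen, edges

def countermeasure_combinations():
    """Non-empty subsets of present vulnerabilities: 2**n - 1, exponential in n."""
    return 2 ** sum(map(sum, VULN)) - 1
```

Each status is a tuple of the attacker's privilege on every host, so the returned set is the "table of all network security statuses" and the edges are what one would hand to Graphviz to draw the status graph.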