DC FieldValueLanguage
dc.contributor.authorZieger, Andrej
dc.contributor.authorFreiling, Felix
dc.contributor.authorKossakowski, Klaus-Peter
dc.date.accessioned2020-08-26T09:15:12Z-
dc.date.available2020-08-26T09:15:12Z-
dc.date.issued2018-5-7
dc.identifier.urihttp://hdl.handle.net/20.500.12738/943-
dc.description.abstractTo manage cyber security risks in practice, a simple yet effective method to assess such risks for individual systems is needed. With time-to-compromise (TTC), McQueen et al. (2005) introduced such a metric that measures the expected time that a system remains uncompromised given a specific threat landscape. TTC combines simplicity with expressiveness and therefore has evolved into one of the most successful cybersecurity metrics in practice. We revisit TTC and identify several mathematical and methodological shortcomings which we address by embedding all aspects of the metric into the continuous domain and the possibility to incorporate information about vulnerability characteristics and other cyber threat intelligence into the model. We propose ?-TTC, a formal extension of TTC which includes information from CVSS vectors as well as a continuous attacker skill based on a ?-distribution. We show that our new metric remains simple enough for practical use and gives more realistic predictions than the original TTC by using data from a modern and productively used vulnerability database of a national CERT.
dc.language.isoen
dc.publisherIEEE
dc.titleThe ?-Time-to-Compromise Metric for Practical Cyber Security Risk Estimation
dc.typeinProceedings
dc.relation.conferenceInternational Conference on IT Security Incident Management & IT Forensics (IMF) ; -Mai ; Hamburg, Germany
tuhh.container.endpage133
tuhh.container.startpage115
tuhh.oai.showtrueen_US
tuhh.publication.instituteDepartment Informatik
tuhh.publication.instituteFakultät Technik und Informatik
tuhh.publisher.doi10.1109/IMF.2018.00006
tuhh.publisher.urlhttps://ieeexplore.ieee.org/document/8514838
tuhh.type.opusInProceedings (Aufsatz / Paper einer Konferenz etc.)-
dc.type.casraiConference Paper-
dc.type.dinicontributionToPeriodical-
dc.type.drivercontributionToPeriodical-
dcterms.DCMITypeText-
item.creatorGNDZieger, Andrej-
item.creatorGNDFreiling, Felix-
item.creatorGNDKossakowski, Klaus-Peter-
item.fulltextNo Fulltext-
item.creatorOrcidZieger, Andrej-
item.creatorOrcidFreiling, Felix-
item.creatorOrcidKossakowski, Klaus-Peter-
item.grantfulltextnone-
item.cerifentitytypePublications-
item.languageiso639-1en-
item.openairecristypehttp://purl.org/coar/resource_type/c_5794-
item.openairetypeinProceedings-
crisitem.author.deptDepartment Informatik-
crisitem.author.orcid0009-0005-9852-7947-
crisitem.author.parentorgFakultät Technik und Informatik-
Appears in Collections:Publications without full text
Show simple item record

Page view(s)

47
checked on Dec 27, 2024

Google ScholarTM

Check

HAW Katalog

Check

Add Files to Item

Note about this record


Items in REPOSIT are protected by copyright, with all rights reserved, unless otherwise indicated.