Quantifying the mission impact of network-level cyber defensive mitigations:

Modern missions of government and private organizations rely on computer networks to operate. As evidenced by several well-publicized cyber breaches, these missions are under attack. Several cyber defensive measures have been proposed to mitigate this threat, some are meant to protect individual hosts on the network, and others are designed to protect the network at large. From a qualitative perspective, these mitigations seem to improve security, but there is no quantitative assessment of their effectiveness with respect to a complete network system and a cyber-supported mission for which the network exists. The purpose of this paper is to examine network-level cyber defensive mitigations and quantify their impact on network security and mission performance. Testing such mitigations in an live network environment is generally not possible due to the expense, and thus a modeling and simulation approach is utilized. Our approach employs a modularized hierarchical simulation framework to model a complete cy...