Capturing the security effects of network segmentation via a continuous-time Markov chain model
2017
Segmentation or compartmentalization of a computer network is a commonly used defensive mitigation against cyber attack. Its goal is to limit the damage an attacker can cause by partitioning a network into sections or enclaves and restricting communications between them. While this technique is widely advocated as critical to the security of a network, no clear guidance currently exists on how to appropriately implement it. Additionally, the cost of testing candidate segmentation architectures on a live network or a cyber test environment is prohibitively expensive. This study examines an alternative method for evaluating segmentation architectures utilizing a continuous-time Markov chain to model changes in network state based on relevant network parameters such as vulnerability arrival rate, patch rate, etc. The model is realized by an event-based network simulation and demonstrated via a case study that evaluates a range of candidate architectures.
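The abstract describes the model only at the level of its inputs (vulnerability arrival rate, patch rate) and its realisation as an event-based simulation. The block below is an added illustration written for this page, not the paper's own model or code: it realises a small continuous-time Markov chain of a segmented network with the standard event-driven (Gillespie) method, so the effect of the enclave count on time-averaged compromise can be compared. Everything beyond what the abstract states is an assumption: each host cycles through secure, vulnerable and compromised; external exploitation only reaches an entry enclave (enclave 0); lateral compromise spreads within an enclave at a per-pair rate and across enclaves at that rate scaled by a `leak` factor; the rate values and the host count are constructed sample inputs.

```python
"""Event-based (Gillespie) realisation of a continuous-time Markov chain for a
segmented network. Added example; the host model, enclave rules and all rates
are assumptions chosen for illustration, not values from the paper."""
import random
from dataclasses import dataclass

SECURE, VULNERABLE, COMPROMISED = "S", "V", "C"


@dataclass
class Rates:
    vuln_arrival: float  # per host: secure -> vulnerable (new vulnerability lands)
    patch: float         # per host: vulnerable/compromised -> secure (patch or rebuild)
    exploit: float       # per exposed host in entry enclave 0: vulnerable -> compromised
    spread: float        # per (compromised, vulnerable) pair in the same enclave
    leak: float          # multiplier on `spread` across enclave boundaries; 0 = fully isolated


def per_host_stationary(lam, alpha, mu):
    """Exact stationary distribution of one host's S->V->C->S cycle.
    Flow balance gives pi_S*lam = pi_V*alpha = pi_C*mu, so pi is proportional
    to (1/lam, 1/alpha, 1/mu)."""
    w = {SECURE: 1.0 / lam, VULNERABLE: 1.0 / alpha, COMPROMISED: 1.0 / mu}
    total = sum(w.values())
    return {k: v / total for k, v in w.items()}


def simulate(n_hosts, n_enclaves, rates, horizon, seed=0):
    """Run the chain to time `horizon`; hosts are dealt round-robin to enclaves."""
    rng = random.Random(seed)
    enclave = [h % n_enclaves for h in range(n_hosts)]
    state = [SECURE] * n_hosts
    ever_compromised = set()
    t, compromised_time = 0.0, 0.0  # integral of compromised count over time
    while True:
        events = []  # (rate, host, new_state): every enabled transition
        for h in range(n_hosts):
            if state[h] == SECURE:
                events.append((rates.vuln_arrival, h, VULNERABLE))
            elif state[h] == VULNERABLE:
                events.append((rates.patch, h, SECURE))
                if enclave[h] == 0:  # only the entry enclave is reachable from outside
                    events.append((rates.exploit, h, COMPROMISED))
                lateral = sum(
                    rates.spread * (1.0 if enclave[c] == enclave[h] else rates.leak)
                    for c in range(n_hosts) if state[c] == COMPROMISED)
                if lateral > 0:
                    events.append((lateral, h, COMPROMISED))
            else:  # COMPROMISED: only remediation leaves this state
                events.append((rates.patch, h, SECURE))
        total = sum(e[0] for e in events)  # > 0 whenever all rates are positive
        dt = rng.expovariate(total)
        if t + dt > horizon:
            compromised_time += (horizon - t) * state.count(COMPROMISED)
            break
        compromised_time += dt * state.count(COMPROMISED)
        t += dt
        r = rng.random() * total  # pick the next event proportionally to its rate
        for rate, h, new_state in events:
            r -= rate
            if r <= 0:
                state[h] = new_state
                if new_state == COMPROMISED:
                    ever_compromised.add(h)
                break
    return {"mean_compromised": compromised_time / horizon,
            "ever_compromised": ever_compromised,
            "enclave": enclave}


def compare_architectures(n_hosts, candidates, rates, horizon=200.0, seed=1):
    """Time-averaged compromised host count for each candidate enclave count."""
    return {k: simulate(n_hosts, k, rates, horizon, seed)["mean_compromised"]
            for k in candidates}


if __name__ == "__main__":
    rates = Rates(vuln_arrival=0.2, patch=0.5, exploit=0.3, spread=0.4, leak=0.05)
    for k, avg in compare_architectures(16, [1, 2, 4, 8], rates).items():
        print(f"{k} enclave(s): mean compromised hosts = {avg:.2f}")
```

The per-host stationary distribution is the sanity check for the simulator: with lateral spread switched off, the long-run fraction of time a host in enclave 0 spends compromised should approach `per_host_stationary(...)[COMPROMISED]`. The `leak` parameter is where a segmentation policy enters the model; with `leak=0` the chain guarantees that no host outside the entry enclave is ever compromised, which is the property a practitioner would test first before trusting the comparative numbers.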