Abstract | ||
---|---|---|
Designing and maintaining correct security countermeasures to support trustworthiness require comprehensive understanding of current security posture, i.e., Situational Awareness (SA). Security SA means that a decision maker is aware of protected assets, existing vulnerabilities, and risk mitigation techniques. Applying security metrics offers a holistic way to gain Situational Awareness. However, it is a challenge to get input data for security measuring. Currently, systems produce the huge amount of security monitoring data, but this raw data is not in a uniform format or easily available for the measuring purposes. In this paper, we propose a Host-based Security Instrumentation System (HSIS) to facilitate the development of security measuring probes for uniform data collection. The proposed solution supports reusability of measuring probes and makes it possible to manage and adapt probes at operation time. Security administrators and auditors can support trustworthiness with the solution by evaluating systems' security state. |
Year | DOI | Venue |
---|---|---|
2016 | 10.1109/QRS-C.2016.5 | 2016 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C) |
Keywords | Field | DocType |
security measuring probe,situational awareness,security metric,security monitoring | Security testing,Security through obscurity,Asset (computer security),Computer security,Software security assurance,Security service,Cloud computing security,Security information and event management,Engineering,Computer security model | Conference |
ISBN | Citations | PageRank |
978-1-5090-3714-8 | 0 | 0.34 |
References | Authors | |
3 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Tiandu Zhao | 1 | 0 | 0.34 |
Antti Evesti | 2 | 102 | 11.02 |
Teemu Kanstrén | 3 | 36 | 10.59 |