Accession Number : AD1033873

Title :   A Model of Network Porosity

Descriptive Note : Technical Report


Personal Author(s) : Riordan,James F ; Neumayer,Sebastian J ; Lippmann,Richard P ; Wagner,Neal

Full Text :

Report Date : 04 Feb 2016

Pagination or Media Count : 39

Abstract : Compartmentalization is one of the standard mechanisms used by defenders to secure enterprise networks. Unfortunately, the compartmentalization process from a security standpoint currently remains more of an art than a science. Even when this art is well executed, the ongoing evolution of the network often violates initial, security-critical design assumptions. Toward improving operational security, MIT Lincoln Laboratory has a collection of metrics which can be used to continuously assess risk within the context of cyber security. One important security metric in this collection is a measure for managing network boundaries and filters or network porosity. This metric computes the risk inherent to a given network architecture. This technical report describes the model that underlies the network porosity metric and a simulation implementing the model.

Descriptors :   boundaries , computers , intrusion , intrusion detectors , local area networks , computer networks , computing system architectures , antivirus software , network architecture

Subject Categories : Computer Programming and Software
      Computer Systems

Distribution Statement : APPROVED FOR PUBLIC RELEASE