The research paper published by IJSER journal is about Evaluation of security risk associated with different network layers 1
ISSN 2229-5518
Evaluation of security risk associated with different network layers
Arshad Ali, Dr. Mohd. Rizwan Beg, Shish Ahmad, Azhar Ali
the high and low probability of risk on each and every layer.
Index Terms— System security, security metrics, vulnerabilities, security management, different threats and attacks, OSI layers.
A network attack or security incident is defined as a threat, intrusion, denial of service or other attack on a network infrastructure that analyses the network and gains information in order to eventually cause the network to crash or become corrupted. In many cases the attacker is interested not only in exploiting software applications but also in obtaining unauthorized access to network devices. Unmonitored network devices are the main source of information leakage in organizations. In most organizations, every email message, every web page request, every user logon, and every transmitted file is handled by a network device. Network attacks cut across all categories of software and platform type. There are at least two types of network attacks:
Active Attacks: Active attacks are attacks in which the attacker is not only able to listen to the transmission but is also able to actively modify or generate false data. The types of active attacks are:
A masquerade takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack. For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.
Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
Dr. Mohd. Rizwan Beg, Professor & Head, CSE Dept., Integral University, Lucknow, UP, India, 9839384611, rizwanbeg@gmail.com
Shish Ahmad, A.P., CSE Dept., Integral University, Lucknow, UP, India, shish_parv@rediffmail.com
Azhar Ali, M.Tech Student, CSE Dept., Integral University, Lucknow, UP, India, azhar786.ali@gmail.com
Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect. For example, a message meaning "Allow John Smith to read confidential file accounts" is modified to mean "Allow Fred Brown to read confidential file accounts".
Packet sniffing is the interception of data packets traversing a network. A sniffer program works at the Ethernet layer in combination with network interface cards (NICs) to capture all traffic travelling to and from an Internet host site. Further, if any of the Ethernet NICs are in promiscuous mode, the sniffer program will pick up all communication packets floating by anywhere near the Internet host site. A sniffer placed on any backbone device, inter-network link or network aggregation point will therefore be able to monitor a great deal of traffic. Most packet sniffers are passive: they listen to all data link layer frames passing the device's network interface. There are dozens of freely available packet sniffer programs on the Internet; the more sophisticated ones allow more active intrusion. The key to detecting packet sniffing is to detect network interfaces that are running in promiscuous mode. Sniffing can be detected in two ways. Host-based: software commands exist that can be run on individual host machines to tell whether the NIC is running in promiscuous mode.
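As an added example of the host-based check just mentioned (not code from the paper), the Linux snippet below reports interfaces in promiscuous mode from two sources: the kernel flag word in /sys/class/net/<iface>/flags, where IFF_PROMISC is bit 0x100, and the PROMISC token in `ip -o link show` output. The `ip` output sample embedded in it is constructed for the example.

```python
"""Host-based check for NICs in promiscuous mode (Linux).

Two sources are consulted: the kernel's per-interface flag word in
/sys/class/net/<iface>/flags and, where available, the text output of
`ip -o link show`. IFF_PROMISC is bit 0x100 in the flag word and appears
as the token PROMISC in the angle-bracket flag list printed by `ip link`.
"""
import os
import re
import subprocess

IFF_PROMISC = 0x100  # from <linux/if.h>


def flags_word_is_promisc(flags_text: str) -> bool:
    """True if the hex flag word (e.g. '0x1103') has IFF_PROMISC set."""
    return bool(int(flags_text.strip(), 16) & IFF_PROMISC)


def promisc_from_ip_link(output: str) -> list:
    """Return interface names whose `ip -o link show` line carries PROMISC.

    Each one-line record looks like:
      2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 ...
    """
    found = []
    for line in output.splitlines():
        m = re.match(r"\s*\d+:\s*([^:@]+)[^<]*<([^>]*)>", line)
        if m and "PROMISC" in m.group(2).split(","):
            found.append(m.group(1))
    return found


def scan_sysfs(root: str = "/sys/class/net") -> list:
    """Return interfaces whose sysfs flag word has IFF_PROMISC set."""
    hits = []
    if not os.path.isdir(root):
        return hits
    for iface in sorted(os.listdir(root)):
        path = os.path.join(root, iface, "flags")
        try:
            with open(path) as fh:
                if flags_word_is_promisc(fh.read()):
                    hits.append(iface)
        except OSError:
            continue  # entries without a readable flags file
    return hits


def scan_ip_link() -> list:
    """Run `ip -o link show` and parse it; empty list if ip(8) is absent."""
    try:
        out = subprocess.run(["ip", "-o", "link", "show"],
                             capture_output=True, text=True, check=True).stdout
    except (OSError, subprocess.CalledProcessError):
        return []
    return promisc_from_ip_link(out)


# Constructed sample of `ip -o link show` output for offline use.
SAMPLE_IP_LINK = (
    "1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN\n"
    "2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP\n"
    "3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP\n"
)

if __name__ == "__main__":
    print("sample:", promisc_from_ip_link(SAMPLE_IP_LINK))   # ['eth0']
    print("sysfs:", scan_sysfs())
    print("ip link:", scan_ip_link())
```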
This is a technique that takes advantage of a weakness in the TCP/IP protocol stack and the way headers are constructed. Hijacking occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing and controlling your communication transparently. For example, the attacker can re-route a data exchange. When computers are communicating at low levels of the network layer, they might not be able to determine with whom they are exchanging data. Man-in-the-middle attacks are like someone assuming your identity in order to read your messages. The person on the other end might believe it is you, because the attacker might be actively replying as you to keep the exchange going and gain more information.
Before attacking a network, attackers would like to know the IP addresses of machines on the network, the operating systems they use, and the services that they offer. With this information their attacks can be more focused and are less likely to cause alarm. The process of gathering this information is known as mapping. In general, the majority of network communications occur in an unsecured or "clear text" format, which allows an attacker who has gained access to data paths in your network to "listen in" on or interpret the traffic. When an attacker is eavesdropping on your communications, it is referred to as sniffing or snooping. The ability of an eavesdropper to monitor the network is generally the biggest security problem that administrators face in an enterprise. The countermeasure is strong encryption services based on cryptography; otherwise the data can be read by others as it traverses the network.
A denial of service attack is a special kind of Internet attack aimed at large websites. It is a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Denial of service can result when a system, such as a web server, has been flooded with illegitimate requests, making it impossible to respond to real requests. Yahoo! and eBay were both victims of such attacks in February 2000. A DoS attack can be perpetrated in a number of ways. There are three basic types of attack: consumption of computational resources, such as bandwidth, disk space or CPU time; disruption of configuration information, such as routing information; and disruption of physical network components.
The consequences of a DoS attack are the following: unusually slow network performance, unavailability of a particular web site, inability to access any web site, and a dramatic increase in the amount of spam received in an email account. Common forms of denial of service are:
The most common kind of DoS attack is simply to send more traffic to a network address than the programmer expected when sizing the buffers. A few of the better known attacks based on the buffer characteristics of a program or system include: sending e-mail messages that have attachments with 256-character file names to Netscape and Microsoft mail programs; sending oversized Internet Control Message Protocol (ICMP) packets; and sending a user of an e-mail program a message with a "From" address longer than 256 characters.
In this attack, the perpetrator sends an IP ping request to a receiving site. The ping packet specifies that it is to be broadcast to a number of hosts within the receiving site's local network. The packet also indicates that the request is from another site, which is the target site that is to receive the denial of service attack. The result is a flood of ping replies to the innocent, spoofed host. If the flood is great enough, the spoofed host will no longer be able to receive or distinguish real traffic.
When a computer wants to make a TCP/IP connection to another computer, usually a server, an exchange of TCP/SYN and TCP/ACK packets occurs. The computer requesting the connection, usually the client's or user's computer, sends a TCP/SYN packet which asks the server if it can connect. If the server is ready, it sends a TCP/SYN-ACK packet back to the client to say "Yes, you may connect" and reserves a space for the connection, waiting for the client to respond with a TCP/ACK packet. In a SYN flood, the address of the client is often forged, so that when the server sends a TCP/SYN-ACK packet back to the client the message is never received, because the client either doesn't exist or wasn't expecting the packet and subsequently ignores it. This leaves the server with a dead connection, reserved for a client that will never respond. Usually this is done to one server many times in order to reserve all the connections for unresolved clients, which keeps legitimate clients from making connections.
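The half-open state this paragraph describes can be counted from a packet trace. The following is an added example (not from the paper): it replays constructed, tcpdump-style one-line packet records, tracks each client/server handshake, and reports servers holding at least a threshold of SYN-ACKs that have waited longer than a timeout for the client's ACK. The line format, addresses and thresholds are constructed for the example.

```python
"""Half-open (SYN-ACK sent, no ACK) connection accounting from packet lines.

Constructed input, one packet per line:  <time> <src>:<port> > <dst>:<port> <flags>
where flags are TCP flag letters in tcpdump style (S = SYN, SA = SYN-ACK, A = ACK).
A server whose SYN-ACKs stay unanswered beyond `timeout` seconds is holding the
dead connections described in the text; `half_open_report` counts them per server
and returns the servers at or above `threshold`.
"""
import re
from collections import defaultdict

LINE_RE = re.compile(
    r"^(?P<ts>[\d.]+)\s+(?P<src>[\d.]+):(?P<sport>\d+)\s+>\s+"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s+(?P<flags>[A-Z]+)$")


def parse_packet(line):
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError("unparseable packet line: %r" % line)
    d = m.groupdict()
    return (float(d["ts"]), d["src"], int(d["sport"]),
            d["dst"], int(d["dport"]), d["flags"])


def handshake_states(lines):
    """Replay packets; return {(client, cport, server, sport): (state, ts)}.

    state is 'syn' (client SYN seen), 'synack' (server replied, ACK pending)
    or 'established' (client's final ACK seen). ts is when that state began.
    """
    conns = {}
    for line in lines:
        ts, src, sport, dst, dport, flags = parse_packet(line)
        if flags == "S":                       # client -> server
            conns[(src, sport, dst, dport)] = ("syn", ts)
        elif flags == "SA":                    # server -> client
            key = (dst, dport, src, sport)
            if key in conns and conns[key][0] == "syn":
                conns[key] = ("synack", ts)
        elif "A" in flags:                     # client's ACK (or data with ACK)
            key = (src, sport, dst, dport)
            if key in conns and conns[key][0] == "synack":
                conns[key] = ("established", ts)
    return conns


def half_open_report(lines, now, timeout=3.0, threshold=3):
    """Per-server count of half-open connections older than `timeout` at `now`.

    Returns {server_ip: count} restricted to servers at or above `threshold`.
    """
    per_server = defaultdict(int)
    for (client, cport, server, sport), (state, ts) in handshake_states(lines).items():
        if state == "synack" and now - ts > timeout:
            per_server[server] += 1
    return {s: n for s, n in per_server.items() if n >= threshold}


# Constructed sample: one legitimate client completes the handshake; four
# spoofed sources each elicit a SYN-ACK that is never acknowledged.
SAMPLE = """
1.000 203.0.113.5:40001 > 192.0.2.10:80 S
1.001 192.0.2.10:80 > 203.0.113.5:40001 SA
1.002 203.0.113.5:40001 > 192.0.2.10:80 A
1.100 198.51.100.11:1025 > 192.0.2.10:80 S
1.101 192.0.2.10:80 > 198.51.100.11:1025 SA
1.200 198.51.100.12:1025 > 192.0.2.10:80 S
1.201 192.0.2.10:80 > 198.51.100.12:1025 SA
1.300 198.51.100.13:1025 > 192.0.2.10:80 S
1.301 192.0.2.10:80 > 198.51.100.13:1025 SA
1.400 198.51.100.14:1025 > 192.0.2.10:80 S
1.401 192.0.2.10:80 > 198.51.100.14:1025 SA
""".strip().splitlines()

if __name__ == "__main__":
    print(half_open_report(SAMPLE, now=10.0))   # {'192.0.2.10': 4}
```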
A distributed denial of service attack (DDoS) occurs when multiple compromised systems or multiple attackers flood the bandwidth or resources of a targeted system with useless traffic. These systems are compromised by attackers using a variety of methods.
In DDoS attacks, the attacker first gains access to user accounts on numerous hosts across the Internet. The attacker then installs and runs a slave program at each compromised site that quietly waits for commands from a master program; the master program then contacts the slave programs, instructing each of them to launch a denial-of-service attack directed at the same target host. The resulting coordinated attack is particularly devastating, since it comes from so many attacking hosts at the same time.
Here, too, only ingress filtering can control a DoS attack, and that only to a small extent.
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are:
The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. We would like to prevent the opponent from learning the contents of these transmissions.
A second type of passive attack, traffic analysis, is subtler. Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message. The common technique for masking contents is encryption. If we had encryption protection in place, an opponent might still be able to observe the pattern of messages. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.
Passive attacks are very difficult to detect because they do not involve any alteration of the data. However, it is feasible to prevent the success of these attacks, usually by means of encryption. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.
For every organization there is some combination of optimum loss prevention and reasonable cost. The purpose of risk management is to find that combination. Simply stated, risk management seeks to avoid or lessen loss. Loss implies injury to, denial of access to, or destruction of assets. The opportunity for a threat to impact an asset adversely is called a vulnerability. Risk is present when an asset is vulnerable to threats. Assets associated with IT include data, hardware, software, personnel and facilities. Facilities consist of computer sites, the communication network plant and associated subsystem installations.
Many authors have discussed the varied threats to IT resources. The following are such threats; they show that threats may originate from physical sources, unauthorized access and authorized access, and further from internal and external sources. The threats arising from authorized access are the most difficult to find and assess. The following are potential threats to IT:
Threats from physical sources: equipment failure, power interruption, contaminants in the air, weather, fire, humidity, destruction of or damage to facility or equipment by humans, death or injury to key personnel, personnel turnover.
Threats from unauthorized access: microcomputer theft, theft of data, disclosure, modification and/or destruction of data, hackers, viruses, bombs, worms, EDI fraud, phantom nodes on the network, voice mail fraud, software piracy.
Threats from authorized access: the I/S applications portfolio may be outdated or obsolete, increase in end user computing, increased end user access to corporate data, proliferation of end user developed applications.
Three types of threats affect the confidentiality, integrity, reliability and availability of computer network services. Computer Security = Confidentiality + Integrity + Availability.
[Figure residue: the figure lists the attributes "Intentionally, Inadvertently" and "Accurate, Complete, Consistent, Authentic, Timely".]
Threats to computer networks are defined as entities, events or circumstances with the capability to inflict harm or distort normal security operations by exploiting vulnerabilities in the system. Harm is defined as the abuse or breach of the confidentiality, integrity or availability of computer networks, in the form of destruction, disclosure, modification or interruption of data and/or denial of service.
An asset is defined as anything that is of value and importance to the owner, which includes information, programs, data, and network and communication infrastructures.
Threats classification: threats to computer networks comprise the following:
Deliberate software threats include worms, viruses, macros and denial of service, according to the CSI/FBI Annual Computer Crime & Security Survey.
Natural disasters (wildfire, flooding, earthquakes, tidal waves, tsunami), cyber threats (terrorism, political warfare), and insider threats caused by disgruntled employees.
Risk is fundamentally about uncertainty in work performance and the resulting outcomes. Most risk conceptualizations fall into three categories: risk factors leading to loss, or the source of risk factors; risk as the probability of negative outcomes; risk as difficulty in estimating the outcome; and risk undefined or discussed using a different term such as problem or threat.
The types of risk are: financial risk, security risk, technology risk, people risk, information risk, business process risk, success risk, business risk, system security risk, project risk, competitive risk, transition risk, monetary risk, environmental risk.
Good metrics are goal-oriented and should have the following features: specific, measurable, comparable, attainable, repeatable, and time dependent.
Temporal metrics contain vulnerability characteristics which evolve over the lifetime of the vulnerability. Environmental metrics contain those vulnerability characteristics which are tied to an implementation in a specific user's environment. The particular constituent metrics used in CVSS were identified as the best compromise between completeness, ease of use and accuracy. They represent the cumulative experience of the model's authors as well as extensive testing of real-world vulnerabilities in end-user environments.
Confidentiality Impact (CI) measures the impact on confidentiality of a successful exploit of the vulnerability on the target system (none, partial or complete).
Integrity Impact (II) measures the impact on integrity of a successful exploit of the vulnerability on the target system (none, partial or complete).
Availability Impact (AI) measures the impact on availability of a successful exploit of the vulnerability on the target system (none, partial or complete).
Impact Bias allows a score to convey greater weighting to one of the three impact metrics over the other two. The value can be normal (CI, II and AI are all assigned the same weight), confidentiality (CI is assigned greater weight than II or AI), integrity (II is assigned greater weight than CI or AI), or availability (AI is assigned greater weight than CI or II).
Exploitability (E) measures how complex the process is to exploit the vulnerability in the target system. The possible values are: unproven, proof of concept, functional, or high.
Remediation Level (RL) measures the level of an available solution (official fix, temporary fix, workaround, or unavailable).
Report Confidence (RC) measures the degree of confidence in the existence of the vulnerability and the credibility of its report (unconfirmed, uncorroborated, or confirmed).
The environmental metrics represent the implementation- and environment-specific features of the vulnerability.
Collateral Damage Potential (CDP) measures the potential for a loss of physical equipment, property damage or loss of life or limb (none, low, medium, or high).
Target Distribution (TD) measures the relative size of the field of target systems susceptible to the vulnerability (none, low, medium, or high).
Scoring is the process of combining all the metric values according to specific formulas.
The Base Score is computed by the vendor or originator using the following formula:
BS = round(10 * AV * AC * A * ((CI*CIB) + (II*IIB) + (AI*AIB)))
Once set and published, the base score is not expected to change. It is computed from "the big three": confidentiality, integrity and availability. This is the "foundation" which is modified by the temporal and environmental metrics. The base score has the largest bearing on the final score and represents vulnerability severity.
The Temporal Score is also computed by vendors and coordinators for publication, based on the following formula:
TS = round(BS * E * RL * RC)
It allows for the introduction of mitigating factors to reduce the score of the vulnerability and is designed to be re-evaluated at specific intervals as a vulnerability ages. The temporal score represents vulnerability urgency at specific points in time.
The Environmental Score is optionally computed by end-user organizations and adjusts the combined base-temporal score based on the following formula:
ES = round((TS + ((10 - TS) * CDP)) * TD)
This should be considered the final score and represents a snapshot in time, tailored to a specific environment. User organizations should use this to prioritize responses within their own environments.
CVSS differs from other scoring systems (e.g. Microsoft Threat Scoring System, Symantec Threat Scoring System, CERT Vulnerability Scoring or SANS Critical Vulnerability Analysis Scale Ratings) by offering an open framework that can be used to rank vulnerabilities in a consistent fashion while at the same time allowing for personalization within each user environment. As CVSS matures, these metrics may expand or adjust, making it even more accurate, flexible and representative of modern vulnerabilities and their risks.
In this paper we have analysed the different possible attacks on each layer of the network model using the different categories of Base, Temporal and Environmental metrics.
According to our analysis, different types of attacks are possible on the physical layer. In the physical layer we use a combination of the Base Metric Group and the Environmental Metric Group. The attacks and formulas are:
Cable disconnected, physical threats, equipment failure, power interruption, contaminants in the air, weather, fire, humidity, destruction of or damage to facility or equipment by humans, death or injury to key personnel, personnel turnover.
Fig. 1
1. Environmental Formula = Collateral Damage Potential + Target Distribution
2. Base Formula = Access Availability + Availability Impact
3. Overall Vulnerability Score = Base Formula + Environmental Formula
4.1.2 Data Link Layer
In the data link layer we use a combination of the Base Metric Group and the Temporal Metric Group. In the data link layer the different types of possible attacks and the formulas are:
MAC modifications, MAC attack, MAC flooding, ARP attack, STP (Spanning Tree Protocol) attack, VLAN hopping attack, active attacks (sniffing), host-based and network-based attacks.
Fig. 2
1. Temporal Formula = Exploitability + Remediation Level + Report Confidence
2. Base Formula = Integrity Impact + Impact Bias + Availability Impact + Authentication
3. Overall Vulnerability Score = Base Formula + Temporal Formula
In the network layer we use a combination of the Base Metric Group and the Temporal Metric Group. In the network layer the different types of possible attacks and the formulas are:
IP modification, DHCP attack, ICMP attacks and so on; passive attacks (interception: release of message contents, traffic analysis); DoS; spoofing (identity spoofing or IP address spoofing); Smurf attack; buffer overflow attacks.
Fig. 3
1. Temporal Formula = Exploitability
2. Base Formula = Integrity Impact + Confidentiality Impact + Availability Impact + Access Complexity + Access Vector + Authentication
3. Overall Vulnerability Score = Base Formula + Temporal Formula
In the transport layer we use a combined form of the Base Metric Group and the Environmental Metric Group. In the transport layer the different types of possible attacks and the formulas are:
TCP SYN flooding, UDP flooding, scanning and so on; these inflict serious damage on network devices and servers through overwhelming loads.
Equipment failure, power interruption, contaminants in the air, weather, fire, humidity, destruction of or damage to facility or equipment by humans, mapping (eavesdropping), SYN floods.
Fig. 4
1. Environmental Formula = Collateral Damage Potential
2. Base Formula = Integrity Impact + Access Complexity + Impact Bias
3. Overall Vulnerability Score = Base Formula + Environmental Formula
In the application, presentation and session layers we use the combination of the Base Metric Group, the Temporal Metric Group and the Environmental Metric Group. The formulas and attacks are:
Virus, worms, Trojan horse, buffer overflow, APP/OS weakness, authorized physical or electronic access, the I/S applications portfolio may be outdated or obsolete, increase in end user computing, increased end user access to corporate data, proliferation of end user developed applications.
Fig. 5
1. Environmental Formula = Collateral Damage Potential + Target Distribution + Report Confidence
2. Temporal Formula = Exploitability
3. Base Formula = Impact Bias + Confidentiality Impact + Availability Impact + Authentication + Access Complexity + Access Vector
BaseScore = (.6*Impact + .4*Exploitability - .5)*f(Impact), where Impact = 10.41*(1 - (1 - ConfImpact)*(1 - IntegImpact)*(1 - AvailImpact)), Exploitability = 20*AccessComplexity*Authentication*AccessVector, and f(Impact) = 0 if Impact = 0, 1.176 otherwise. TemporalScore = BaseScore*Exploitability*RemediationLevel*ReportConfidence.
Metric values. Confidentiality requirement (ConfReq): Low: 0.5, Medium: 1, High: 1.51, Not defined: 1. IntegReq = case IntegrityImpact of Low: 0.5, Medium: 1, High: 1.51, Not defined: 1. Availability requirement: Low: 0.5, Medium: 1, High: 1.51, Not defined: 1.00. Different types of Access Complexity: medium: 0.61, low: 0.71. Different types of Authentication: requires no authentication: 0.704, requires single instance of authentication: 0.56, requires multiple instances of authentication: 0.45. Different types of Access Vector: requires local access: 0.395, local network accessible: 0.646, network accessible: 1. Different types of Confidentiality Impact: none: 0, partial: 0.275, complete: 0.660. Different types of Integrity Impact: none: 0, partial: 0.275, complete: 0.660. Different types of Availability Impact: none: 0, partial: 0.275, complete: 0.660.
Environmental metrics and base metrics for the physical layer can be calculated as follows: EF = CDP + TD, BF = AA + AI; the Overall Vulnerability Score is OVS = BF + EF.
[Figure residue, Fig. 6: chart titled Physical Layer Overall Vulnerability Score; series BF, EF and OVS plotted against Base Formula for cases 1 to 9, y-axis 0 to 3.5.]
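As an added example (not the paper's code), the calculator below carries the CVSS v2 formulas quoted above through base, temporal and environmental scores, the same base-to-temporal-to-environmental pipeline the scoring section describes for v1. It assumes the metric weights of the CVSS v2 specification: the ones the text lists (Access Vector, Access Complexity medium and low, Authentication, the C/I/A impacts and the C/I/A requirements) agree with it; Access Complexity high, the temporal weights, CDP and TD are not on this page and are taken from the specification, which also subtracts 1.5 in the base formula where the text above reads .5. The vector in the test is a sample.

```python
"""CVSS v2 base, temporal and environmental scoring (added example).

Implements Impact, Exploitability, f(Impact), BaseScore and TemporalScore
as quoted in the text, plus the v2 environmental step. Weights are those
of the CVSS v2 specification (see the lead-in for which ones the text
itself lists). The 1.5 subtracted in BaseScore is the specification's.
"""
AV = {"L": 0.395, "A": 0.646, "N": 1.0}            # Access Vector
AC = {"H": 0.35, "M": 0.61, "L": 0.71}             # Access Complexity
AU = {"M": 0.45, "S": 0.56, "N": 0.704}            # Authentication
IMPACT = {"N": 0.0, "P": 0.275, "C": 0.660}        # C / I / A impact
REQ = {"L": 0.5, "M": 1.0, "H": 1.51, "ND": 1.0}   # CR / IR / AR
E = {"U": 0.85, "POC": 0.9, "F": 0.95, "H": 1.0, "ND": 1.0}
RL = {"OF": 0.87, "TF": 0.90, "W": 0.95, "U": 1.0, "ND": 1.0}
RC = {"UC": 0.90, "UR": 0.95, "C": 1.0, "ND": 1.0}
CDP = {"N": 0.0, "L": 0.1, "LM": 0.3, "MH": 0.4, "H": 0.5, "ND": 0.0}
TD = {"N": 0.0, "L": 0.25, "M": 0.75, "H": 1.0, "ND": 1.0}


def parse_vector(vector):
    """'AV:N/AC:L/Au:N/C:N/I:N/A:C' -> {'AV': 'N', 'AC': 'L', ...}"""
    return dict(part.split(":") for part in vector.split("/"))


def round1(x):
    """Round half up to one decimal (the specification's round_to_1_decimal)."""
    return round(x + 1e-9, 1)


def impact(c, i, a):
    return 10.41 * (1 - (1 - c) * (1 - i) * (1 - a))


def exploitability(m):
    return 20 * AC[m["AC"]] * AU[m["Au"]] * AV[m["AV"]]


def f_impact(imp):
    return 0.0 if imp == 0 else 1.176


def base_from_impact(imp, m):
    return round1((0.6 * imp + 0.4 * exploitability(m) - 1.5) * f_impact(imp))


def base_score(vector):
    m = parse_vector(vector)
    imp = impact(IMPACT[m["C"]], IMPACT[m["I"]], IMPACT[m["A"]])
    return base_from_impact(imp, m)


def temporal_score(base, e="ND", rl="ND", rc="ND"):
    return round1(base * E[e] * RL[rl] * RC[rc])


def environmental_score(vector, e="ND", rl="ND", rc="ND",
                        cdp="ND", td="ND", cr="ND", ir="ND", ar="ND"):
    """Recompute impact with the C/I/A requirements (capped at 10), re-derive
    base and temporal from it, then apply collateral damage and target
    distribution: (AdjTemporal + (10 - AdjTemporal) * CDP) * TD."""
    m = parse_vector(vector)
    adj = min(10.0, impact(IMPACT[m["C"]] * REQ[cr],
                           IMPACT[m["I"]] * REQ[ir],
                           IMPACT[m["A"]] * REQ[ar]))
    adj_temporal = temporal_score(base_from_impact(adj, m), e, rl, rc)
    return round1((adj_temporal + (10 - adj_temporal) * CDP[cdp]) * TD[td])


if __name__ == "__main__":
    v = "AV:N/AC:L/Au:N/C:N/I:N/A:C"   # sample vector: remote, unauthenticated, complete availability loss
    b = base_score(v)
    print("base", b)                                          # 7.8
    print("temporal", temporal_score(b, "F", "OF", "C"))      # 6.4
    print("environmental",
          environmental_score(v, "F", "OF", "C", "H", "H", "M", "M", "H"))  # 9.2
```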
[Figure residue, Figs. 7, 8, 10 and 11: charts titled Physical Layer Base Formula (series AA, AI, BF; x-axis Access Availability), Physical Layer Environmental Formula (series CDP, TD, EF; x-axis Collateral Damage Potential), Data Link Layer Base Formula (x-axis Integrity Impact, Integrity Bias, Access Availability, Authentication), a data link temporal chart (series E, RC, RL, TF) and Data Link Overall Vulnerability Score (series TF, BF, OVS; x-axis Base Formula), each plotted for cases 1 to 9.]
Temporal metrics and base metrics for the data link layer can be calculated as follows: TF = E + RL + RC, BF = II + IB + AI + A; the Overall Vulnerability Score is OVS = BF + TF.
Temporal metrics and base metrics for the network layer can be calculated as follows: TF = E, BF = II + CI + AI + AC + AV + A; the Overall Vulnerability Score is OVS = BF + TF.
[Figure residue, Figs. 9, 12 and 13: charts titled Network Layer Overall Vulnerability Score (series TF, BF, OVS; x-axis Base Formula, cases 1 to 5), Data Link Layer Base Formula (series II, IB, AI, A, BF; x-axis Integrity Impact, Integrity Bias, Availability Impact, Authentication, cases 1 to 9) and Network Layer Base Formula (series II, CI, AI, AC, AV, A, BF; x-axis Integrity Impact, Confidentiality Impact, Access Vector, Authentication, cases 1 to 5).]
[Figure residue: chart titled Network Layer Temporal Formula; series E and TF; x-axis Exploitability, cases 1 to 5; y-axis 0.75 to 1.05.]
Environmental metrics, temporal metrics and base metrics for the application, presentation and session layers can be calculated as follows: EF = CDP + TD + RC, TF = E, BF = IB + CI + AI + A + AC + AV; the Overall Vulnerability Score is OVS = BF + TF + EF.
[Figure residue, with the caption Fig. 14: chart titled Application, Presentation, Session Layer Environmental Formula; series CDP, TD, RC, EF; y-axis 0.5 to 3.5.]
Environmental metrics and base metrics for the transport layer can be calculated as follows: EF = CDP, BF = II + AC + IB; the Overall Vulnerability Score is OVS = BF + EF.
[Figure residue, Figs. 15 to 21: charts titled Transport Layer Environmental Formula (series CDP, EF; x-axis Collateral Damage Potential), Transport Layer Base Formula (series II, AC, IB, BF; x-axis Integrity Impact, Access Complexity, Impact Bias), Transport Layer Overall Vulnerability Score (series EF, BF, OVS; x-axis Base Formula), Application, Presentation, Session Layer Temporal Formula (series E; x-axis Exploitability), Application, Presentation, Session Layer Base Formula (series IB, CI, AI, A, AC, AV, BF; x-axis Impact Bias, Availability Impact, Authentication, Access Complexity, Access Vector) and Application, Presentation, Session Layer Overall Vulnerability Score (series EF, E, BF, OVS; x-axis Base Formula), each plotted for cases 1 to 4; the Fig. 18 caption (x-axis Collateral Damage Potential, Target Distribution, Report Confidence) also falls in this span.]
Metrics are central for measuring the cost and effectiveness of complex security controls. Security metrics, at least those trying to define a measure for the security of an entire organization, are a quite new area of research.
In this paper we have analysed risk at different layers using the base metric, temporal metric and environmental metric, and the results show that we can control the risk at each and every layer by controlling the different parameters of each metric. We have also found that the data link layer has a higher probability of risk.