A systematic evaluation of cybersecurity metrics for dynamic networks

Authors: Enoch, Simon Yusuf*; Ge, Mengmeng; Hong, Jin B.; Alzaid, Hani; Kim, Dong Seong
Source: Computer Networks, 2018, 144: 216-229.
DOI: 10.1016/j.comnet.2018.07.028

Abstract

It is difficult to assess the security of modern networks because they are usually dynamic with configuration changes (such as changes in topology, firewall rules, etc.). Graphical security models (e.g., Attack Graphs and Attack Trees) are widely used to systematically analyse the security posture of network systems using security metrics. However, there are problems using them to assess the security of dynamic networks. First, most models are unable to capture dynamic changes occurring in the networks over time. Second, the existing security metrics are not designed for the analysis of dynamic networks and hence their effectiveness to the dynamic changes in the network still remains unclear. In this paper, we systematically categorise network changes into two categories (i.e., changes in hosts and changes in edges). We conduct a comprehensive analysis to evaluate the effectiveness of security metrics using a Temporal Hierarchical Attack Representation Model, which can capture and analyse the changes in the security of network systems. Further, we investigate the varying effects of security metrics when changes are observed in the dynamic networks. Our simulation results show that different security metrics (except the shortest attack path) have varying security posture changes with respect to changes in the network (when we introduce time to them). However, none of the security metrics consistently changes for all the network changes that we observe in our scenarios. Hence, the results provide some insights into what security metrics can change (accordingly) when a particular network change is observed. It also provides a foundation for further research in this area.

  • Publication date: 2018-10-24