View article

It is difficult to assess the security of modern networks because they are usually dynamic with configuration changes (such as changes in topology, firewall rules, etc). Graphical security models (e.g., Attack Graphs and Attack Trees) are widely used to systematically analyse the security posture of network systems using security metrics. However, there are problems using them to assess the security of dynamic networks. First, most models are unable to capture dynamic changes occurring in the networks over time. Second, the existing security metrics are not designed for the analysis of dynamic networks and hence their effectiveness to the dynamic changes in the network still remains unclear.

In this paper, we systematically categorise network changes into two categories (i.e., changes in hosts and changes in edges). We conduct a comprehensive analysis to evaluate the effectiveness of security metrics using a …