A Model of Network Porosity

Abstract

Compartmentalization is one of the standard mechanisms used by defenders to secure enterprise networks. Unfortunately, from a security standpoint, the compartmentalization process remains more of an art than a science. Even when well executed, the ongoing evolution of the network may violate initial, security-critical design assumptions. Toward improving operational security, MIT Lincoln Laboratory has produced a collection of metrics that can be used to continuously assess risk within the context of cyber security. One important security metric in this collection is a measure for managing network boundaries and filters, or network porosity. This metric computes the risk inherent to a given network architecture. This report describes the model that underlies the network porosity metric, and a simulation implementing the model.

Document Details

Document Type: Technical Report
Publication Date: Nov 09, 2016
Accession Number: AD1024812

Entities

People

  • James F. Riordan
  • Neal Wagner
  • Richard P. Lippmann
  • Sebastian J. Neumayer

Organizations

  • MIT Lincoln Laboratory

Tags

Communities of Interest

  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Abstracts
  • Air Force
  • Algorithms
  • Anti-Virus Software
  • Boundaries
  • Computer Networks
  • Computing System Architectures
  • Data Leakages
  • Electronic Mail
  • Intellectual Property
  • Intrusion Detection
  • Network Architecture
  • Porosity
  • Probability
  • Simulations
  • Standards
  • Steady State

Fields of Study

  • Computer science

Readers

  • Computational Modeling and Simulation
  • Cybersecurity

Technology Areas

  • Cyber