A Model of Network Porosity

Abstract

Compartmentalization is one of the standard mechanisms used by defenders to secure enterprise networks. Unfortunately, the compartmentalization process from a security standpoint currently remains more of an art than a science. Even when this art is well executed, the ongoing evolution of the network often violates initial, security-critical design assumptions. Toward improving operational security, MIT Lincoln Laboratory has a collection of metrics which can be used to continuously assess risk within the context of cyber security. One important security metric in this collection is a measure for managing network boundaries and filters or "network porosity." This metric computes the risk inherent to a given network architecture. This technical report describes the model that underlies the network porosity metric and a simulation implementing the model.

Document Details

Document Type
Technical Report
Publication Date
Feb 04, 2016
Accession Number
AD1033873

Entities

People

  • James F. Riordan
  • Neal Wagner
  • Richard P. Lippmann
  • Sebastian J. Neumayer

Organizations

  • Massachusetts Institute of Technology

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Agent-Based Simulations
  • Algorithms
  • Anti-Virus Software
  • Boundaries
  • Computer Networks
  • Computers
  • Computing System Architectures
  • Detection
  • Discrete-Event Simulation (Model)
  • Efficiency
  • Electronic Mail
  • Filters
  • Filtration
  • Internet
  • Intrusion
  • Intrusion Detection
  • Intrusion Detectors
  • Intrusion Prevention Systems
  • Local Area Networks
  • Network Architecture
  • Probability
  • Security
  • Simulations
  • Specifications
  • Standards
  • Steady State

Fields of Study

  • Computer science

Readers

  • Aerial Delivery - Logistics and Supply Chain Management.
  • Cybersecurity.
  • Systems Analysis and Design

Technology Areas

  • Cyber