An Attack Surface Metric

Abstract

We propose a metric to determine whether one version of a software system is more secure than another with respect to the system's attack surface. Rather than count bugs at the code level or count vulnerability reports at the system level, we measure a system's attackability, i.e., how likely the system is to be successfully attacked. We define the attack surface of a system in terms of the system's attackability along three abstract dimensions: method, data, and channel. Intuitively, the larger the attack surface, the more likely the system will be attacked, and hence the more insecure it is. We demonstrate the use of the attack surface metric by measuring and comparing the attack surfaces of two versions of a hypothetical IMAP server.

Document Details

Document Type
Technical Report
Publication Date
Jul 01, 2005
Accession Number
ADA457096

Entities

People

  • Jeannette Wing
  • Pratyusa Manadhata

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • C4I
  • Cyber

DTIC Thesaurus Topics

  • Abstracts
  • Communication Channels
  • Computer Access Control
  • Computer Programs
  • Computer Science
  • Computers
  • Detection
  • Environment
  • Information Operations
  • Mathematical Models
  • Measurement
  • Models
  • Operating Systems
  • Risk
  • Security
  • Vulnerability

Fields of Study

  • Computer science
  • Mathematics

Readers

  • Cybersecurity
  • Fluid Dynamics
  • Systems Analysis and Design