Computer Network Security Event-Ranking using a Fuzzy Risk Analysis Approach

M. Dondo (Canada)

Keywords

Event Management, Vulnerability, Risk Analysis, Ranking.

Abstract

On a daily basis, computer network security analysts often handle multitudes of security events affecting assets under their watch. To effectively protect the networks, it is important that analysts assess the potential risk each event poses to the network. This can be a tedious task that would require a way to prioritize which events to look at first. To achieve this, we develop an approach in which we extract the attributes associated with each event. We then associate the event with vulnerabilities and use a fuzzy vulnerability prioritisation approach to rank these events by determining the risk that each event is associated with in a given network. We test our approach on a prototype network using real data.
