Application of quantitative security measurement model for prioritisation of vulnerability mitigation: a real case study Online publication date: Tue, 22-Nov-2016
by Anshu Tripathi; Umesh Kumar Singh
International Journal of Information and Computer Security (IJICS), Vol. 8, No. 4, 2016
Abstract: Vulnerability mitigation is one of the key processes of proactive security management. Increase in complexity of IT systems and sophistication of attacks accompanied with rising rate of vulnerability evolution necessitate prioritisation of vulnerability mitigation. In this direction, a metric-based quantitative security measurement model (QSMM) was proposed in Tripathi and Singh (2013) that measures relative risk level of vulnerabilities and hosts in a network. Objective of the model is to assist system administrator in automated and reasonable decision making for mitigation of vulnerabilities present in a network. In order to evaluate the performance and effectiveness of the proposed model in realistic network, the model was applied in network of MIT campus. MIT campus network was used as the testbed to demonstrate the efficacy of model. This work presents a detailed account of this real case study and further, results are analysed.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Information and Computer Security (IJICS):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook