Attack tree based information technology security metric integrating enterprise objectives with vulnerabilities

2011
Karabey, Buğra
Security is one of the key concerns in the domain of Information Technology systems. Maintaining the confidentiality, integrity and availability of such systems mandates a rigorous prior analysis of the security risks that confront them. To analyze, mitigate and recover from these risks, a metrics-based methodology is essential for prioritizing the response strategies and for scheduling the allocation of resources to mitigate such risks. In addition, the Enterprise Objectives must be focally integrated in the definition, impact calculation and prioritization stages of this analysis to come up with metrics that are useful to both the technical and managerial communities within an organization. This inclusion also acts as a preliminary filter to overcome the real-life scalability issues inherent in such threat modeling efforts. This study uses an attack tree based approach to offer an IT Security Risk Evaluation Method and Metric called TEOREM (Tree based Enterprise Objectives Risk Evaluation Method and Metric) that integrates the Enterprise Objectives with the Information Asset vulnerability analysis within an organization. The applicability of the method has been analyzed in a real-life setting, and the findings are also discussed in this study.

Citation Formats
B. Karabey, “Attack tree based information technology security metric integrating enterprise objectives with vulnerabilities,” Ph.D. - Doctoral Program, Middle East Technical University, 2011.