NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

k-Zero Day Safety: Measuring the Security Risk of Networks Against Unknown Attacks

Published

Author(s)

Lingyu Wang, Sushil Jajodia, Anoop Singhal, Steven Noel

Abstract

The security risk of a network against unknown zero day attacks has been considered as something unmeasurable since software flaws are less predictable than hardware faults and the process of finding such flaws and developing exploits seems to be chaotic [10]. In this paper, we propose a novel security metric, k-zero day safety, based on the number of unknown zero day vulnerabilities. That is, the metric simply counts how many unknown vulnerabilities would be required for compromising a network asset, regardless of what vulnerabilities those might be. We formally define the metric based on an abstract model of networks and attacks. We then devise algorithms for computing the metric. Finally, we show the metric can quantify many existing practices in hardening a network.
Proceedings Title
Computer Security – ESORICS 2010 (Lecture Notes in Computer Science)
Volume
6345
Conference Dates
September 20-22, 2010
Conference Location
Athens, GR
Conference Title
15th European Symposium on Research in Computer Security (ESORICS 2010)
Pub Type
Conferences

Download Paper

https://doi.org/10.1007/978-3-642-15497-3_35
Local Download

Keywords

attack graphs, network security, security metrics
Information technology and Cybersecurity and privacy

Citation

Wang, L. , Jajodia, S. , Singhal, A. and Noel, S. (2010), k-Zero Day Safety: Measuring the Security Risk of Networks Against Unknown Attacks, Computer Security – ESORICS 2010 (Lecture Notes in Computer Science), Athens, GR, [online], https://doi.org/10.1007/978-3-642-15497-3_35, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=905605 (Accessed October 28, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created December 9, 2010, Updated October 12, 2021
Was this page helpful?