Yi Cheng, Julia Deng, Jason Li, Scott DeLoach, Anoop Singhal, Xinming Ou
Discussion of challenges and ways of improving Cyber Situational Awareness dominated our previous chapters. However, we have not yet touched on how to quantify any improvement we might achieve. Indeed, to get an accurate assessment of network security and provide sufficient Cyber Situational Awareness (CSA), simple but meaningful metrics--the focus of the Metrics of Security chapter--are necessary. The adage, "what can't be measured can't be effectively managed," applies here. Without good metrics and the corresponding evaluation methods, security analysts and network operators cannot accurately evaluate and measure the security status of their networks and the success of their operations. In particular, this chapter explores two distinct issues: (i) how to define and use metrics as quantitative characteristics to represent the security state of a network, and (ii) how to define and use metrics to measure CSA from a defender's point of view.
, Deng, J.
, Li, J.
, DeLoach, S.
, Singhal, A.
and Ou, X.
Metrics of Security, Cyber Defense and Situational Awareness, Springer, Dusseldorf, -1, [online], https://doi.org/10.1007/978-3-319-11391-3_13, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=917850
(Accessed December 8, 2023)