The β-Time-to-Compromise Metric for Practical Cyber Security Risk Estimation

Zieger A, Freiling F, Kossakowski KP (2018)

Publication Language: English

Publication Type: Conference contribution, Original article

Publication year: 2018

Pages Range: 115-133

Conference Proceedings Title: 2018 11th International Conference on IT Security Incident Management & IT Forensics

Event location: Hamburg DE

DOI: 10.1109/IMF.2018.00017

Abstract

To manage cybersecurity risks in practice, a simple yet effective method to assess suchs risks for individual systems is needed. With time-to-compromise (TTC), McQueen et al. (2005) introduced such a metric that measures the expected time that a system remains uncompromised given a specific threat landscape. Unlike other approaches that require complex system modeling to proceed, TTC combines simplicity with expressiveness and therefore has evolved into one of the most successful cybersecurity metrics in practice. We revisit TTC and identify several mathematical and methodological shortcomings which we address by embedding all aspects of the metric into the continuous domain and the possibility to incorporate information about vulnerability characteristics and other cyber threat intelligence into the model. We propose β-TTC, a formal extension of TTC which includes information from CVSS vectors as well as a continuous attacker skill based on a β-distribution. We show that our new metric (1) remains simple enough for practical use and (2) gives more realistic predictions than the original TTC by using data from a modern and productively used vulnerability database of a national CERT.

Authors with CRIS profile

Felix Freiling Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen)

Involved external institutions

Hochschule für Angewandte Wissenschaften Hamburg (HAW) DE Germany (DE)

How to cite

APA:

Zieger, A., Freiling, F., & Kossakowski, K.-P. (2018). The β-Time-to-Compromise Metric for Practical Cyber Security Risk Estimation. In IEEE Computer Society (Eds.), 2018 11th International Conference on IT Security Incident Management & IT Forensics (pp. 115-133). Hamburg, DE.

MLA:

Zieger, Andrej, Felix Freiling, and Klaus-Peter Kossakowski. "The β-Time-to-Compromise Metric for Practical Cyber Security Risk Estimation." Proceedings of the 11th International Conference on IT Security Incident Management & IT Forensics (IMF 2018), Hamburg Ed. IEEE Computer Society, 2018. 115-133.

BibTeX: Download