Measures And Metrics For The Enforcement Of Critical Security Controls: A Case Study Of Boundary Defense
ABSTRACT
The Center for Internet Security (CIS) [3] publishes a set of defensive actions that together form defense-in-depth best practices, known as the Critical Security Controls (CSCs), to detect, prevent, respond to, and mitigate cyber attacks against cyber systems and networks. However, no well-defined automated measures and metrics have been developed to validate the enforcement of these CSCs. Additionally, it is infeasible to directly analyze the implementation of security products to verify and validate the enforcement of CSCs in those products.
In this poster, we present our preliminary analysis toward developing automated measures and metrics for the CSCs, based on the threat model each CSC targets, measurable features, and cyber artifacts that can be used to develop metrics for key enforcement indicators. We also present a case study that develops measures and metrics for a CIS CSC called Boundary Defense [3].
BIO
Mohiuddin Ahmed is a third-year Ph.D. student at the University of North Carolina at Charlotte, NC, USA. I am currently working on data-driven analysis, reasoning, and automation for cyber threat hunting.