Cyber Security Analysis and Assurance using Cloud-Based Security Measurement System

Cyber Security Analysis and Assurance using Cloud-Based Security Measurement System Cyber Security Analysis and Assurance using Cloud-Based Security Measurement System NOTE: Statement of work conducted by ASU PI is in bold italic Arial font Development of cloud computing environment and testing of Cloud-Based Security Measurement (CBSM) framework. The CBSM needs high performance servers to implement a prototype cloud based security measurement system. The CBSM system will be established among three involving universities. The master CBSM system will be established at Arizona State University (ASU) based on existing cloud facilities. Duke and FSTS will serve as subdomains of the CBSM. Description of the Project Cyber security attacks are one of the critical threats to NATO and partner countries critical cyber infrastructure. A major hurdle in the development of cyber security techniques is the lack of well established security metrics, models and tools which enable enterprises to determine the effectiveness of security mechanisms and allow them to evaluate the tradeoffs between levels of security, performance and security investment cost. The development of a science of security and security metrics has been advocated as a major goal by industry, government, standards organizations and academia. A methodological approach to a science of security would in a fashion similar to physical sciences require the development of measurement techniques, metrics and models by which hypothesis could be verified or invalidated by experimental studies. Measurements involve gathering empirical data about the outcome or absence of an event or attribute. Security metrics map the measured data onto a scale to represent the attribute under study. The scale may be qualitative (e.g., low, medium, high) or a quantitative. Models provide a formal representation of the system under study and are often required when there is a non-trivial relationship between measurement data and the attribute to be studied. For example, measurement data may be gathered at the subsystem or component level and may need to be combined through a model to determine system wide metrics. In the physical sciences several desirable properties have been identified for metrics, such as, they should be directly measureable or computable from measurements in an accurate fashion, scalable, independently reproducible and consistent for the same experimental conditions. This project plans to develop quantifiable security metrics, models, evaluation methods and supporting stools aimed at enterprise system analysis and decision making for security assessment and enhancement. We believe that a combined approach of measurements, analytic models and security metrics will be an effective way of quantifying and enhancing security. We will carry out the following activities to achieve the goals. We will further develop a new attack tree model type called attack countermeasure trees (ACT) which takes into account a variety of cyber attacks, detection and countermeasures. We will develop a cloud-based security measurement (CBSM) system which can monitor and measure security events and metrics of a system in a cost-effective way. A software tool which supports both ACT construction and CBSM will be developed. The results using the tool will help a decision maker to assess, improve and assure security of systems. A prototype software tool will be developed to integrate the security metrics, developed analytic models and methods in conjunction with a CBSM system as a step toward commercialization and widespread adoption. The implemented software tool and CBSM system will provide a security as service for industry and/or enterprise. The list of equipment requested is mainly needed to create a cloud computing environment to develop and test the CBSM framework. It needs high performance servers to implement a prototype cloud based security measurement system. The CBSM system will be established among three involving universities. The master CBSM system will be established at Arizona State University (ASU) based on existing cloud facilities.