{"title":"Cybersecurity Software Tool Evaluation Using a 'Perfect' Network Model","authors":"Jeremy Straub","doi":"arxiv-2409.09175","DOIUrl":null,"url":null,"abstract":"Cybersecurity software tool evaluation is difficult due to the inherently\nadversarial nature of the field. A penetration testing (or offensive) tool must\nbe tested against a viable defensive adversary and a defensive tool must,\nsimilarly, be tested against a viable offensive adversary. Characterizing the\ntool's performance inherently depends on the quality of the adversary, which\ncan vary from test to test. This paper proposes the use of a 'perfect' network,\nrepresenting computing systems, a network and the attack pathways through it as\na methodology to use for testing cybersecurity decision-making tools. This\nfacilitates testing by providing a known and consistent standard for\ncomparison. It also allows testing to include researcher-selected levels of\nerror, noise and uncertainty to evaluate cybersecurity tools under these\nexperimental conditions.","PeriodicalId":501332,"journal":{"name":"arXiv - CS - Cryptography and Security","volume":"18 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Cryptography and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.09175","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Cybersecurity software tool evaluation is difficult due to the inherently
adversarial nature of the field. A penetration testing (or offensive) tool must
be tested against a viable defensive adversary and a defensive tool must,
similarly, be tested against a viable offensive adversary. Characterizing the
tool's performance inherently depends on the quality of the adversary, which
can vary from test to test. This paper proposes the use of a 'perfect' network,
representing computing systems, a network and the attack pathways through it as
a methodology to use for testing cybersecurity decision-making tools. This
facilitates testing by providing a known and consistent standard for
comparison. It also allows testing to include researcher-selected levels of
error, noise and uncertainty to evaluate cybersecurity tools under these
experimental conditions.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
