A tool for security metrics modeling and visualization

Outi-Marja Latvala, Jyri Toivonen, Jarkko Kuusijärvi, Antti Evesti

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

4 Citations (Scopus)

Abstract

Measuring the security level of an information system to acquire reliable perception of its state requires the use of various different security metrics that can provide extensive security evidence of the system. Visualization can then be used to facilitate the management of the security metrics and measurements and to enhance understanding on their relationships. This paper introduces a tool for modeling and monitoring the security state of a system and focuses on the visualization aspects of the tool. The security metrics of a system are organized hierarchically in the tool, so that more general and conceptual security metrics on the higher levels are connected to detailed, low-level measurements. The tool helps bring meaningfulness to the security metrics and helps the user be more aware of the security state of the system during runtime use of the tool. By having organized security evidence from high-level objectives to low-level measurements the user is able to act on the security incidents more proficiently.
Original languageEnglish
Title of host publicationProceedings of the 2014 European Conference on Software Architecture Workshops, ECSAW '14
Place of PublicationNew York
PublisherAssociation for Computing Machinery ACM
Number of pages7
ISBN (Print)978-1-4503-2778-7
DOIs
Publication statusPublished - 2014
MoE publication typeA4 Article in a conference publication
Event8th European Conference on Software Architecture Workshops, ECSAW 2014 - Vienna, Austria
Duration: 25 Aug 201429 Aug 2014

Publication series

NameACM International Conference Proceeding Series

Conference

Conference8th European Conference on Software Architecture Workshops, ECSAW 2014
Abbreviated titleECSAW 2014
CountryAustria
CityVienna
Period25/08/1429/08/14

Fingerprint

Visualization
Level measurement
Information systems
Monitoring

Keywords

  • security metric
  • visualization
  • situation awareness
  • cyber security

Cite this

Latvala, O-M., Toivonen, J., Kuusijärvi, J., & Evesti, A. (2014). A tool for security metrics modeling and visualization. In Proceedings of the 2014 European Conference on Software Architecture Workshops, ECSAW '14 [3] New York: Association for Computing Machinery ACM. https://doi.org/10.1145/2642803.2642806
Latvala, Outi-Marja ; Toivonen, Jyri ; Kuusijärvi, Jarkko ; Evesti, Antti. / A tool for security metrics modeling and visualization. Proceedings of the 2014 European Conference on Software Architecture Workshops, ECSAW '14. New York : Association for Computing Machinery ACM, 2014.
@inproceedings{f92129be5b5742a8ae24afb7ac16d685,
title = "A tool for security metrics modeling and visualization",
abstract = "Measuring the security level of an information system to acquire reliable perception of its state requires the use of various different security metrics that can provide extensive security evidence of the system. Visualization can then be used to facilitate the management of the security metrics and measurements and to enhance understanding on their relationships. This paper introduces a tool for modeling and monitoring the security state of a system and focuses on the visualization aspects of the tool. The security metrics of a system are organized hierarchically in the tool, so that more general and conceptual security metrics on the higher levels are connected to detailed, low-level measurements. The tool helps bring meaningfulness to the security metrics and helps the user be more aware of the security state of the system during runtime use of the tool. By having organized security evidence from high-level objectives to low-level measurements the user is able to act on the security incidents more proficiently.",
keywords = "security metric, visualization, situation awareness, cyber security",
author = "Outi-Marja Latvala and Jyri Toivonen and Jarkko Kuusij{\"a}rvi and Antti Evesti",
note = "Project code: 79314",
year = "2014",
doi = "10.1145/2642803.2642806",
language = "English",
isbn = "978-1-4503-2778-7",
series = "ACM International Conference Proceeding Series",
publisher = "Association for Computing Machinery ACM",
booktitle = "Proceedings of the 2014 European Conference on Software Architecture Workshops, ECSAW '14",
address = "United States",

}

Latvala, O-M, Toivonen, J, Kuusijärvi, J & Evesti, A 2014, A tool for security metrics modeling and visualization. in Proceedings of the 2014 European Conference on Software Architecture Workshops, ECSAW '14., 3, Association for Computing Machinery ACM, New York, 8th European Conference on Software Architecture Workshops, ECSAW 2014, Vienna, Austria, 25/08/14. https://doi.org/10.1145/2642803.2642806

A tool for security metrics modeling and visualization. / Latvala, Outi-Marja; Toivonen, Jyri; Kuusijärvi, Jarkko; Evesti, Antti.

Proceedings of the 2014 European Conference on Software Architecture Workshops, ECSAW '14. New York : Association for Computing Machinery ACM, 2014. 3.

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

TY - GEN

T1 - A tool for security metrics modeling and visualization

AU - Latvala, Outi-Marja

AU - Toivonen, Jyri

AU - Kuusijärvi, Jarkko

AU - Evesti, Antti

N1 - Project code: 79314

PY - 2014

Y1 - 2014

N2 - Measuring the security level of an information system to acquire reliable perception of its state requires the use of various different security metrics that can provide extensive security evidence of the system. Visualization can then be used to facilitate the management of the security metrics and measurements and to enhance understanding on their relationships. This paper introduces a tool for modeling and monitoring the security state of a system and focuses on the visualization aspects of the tool. The security metrics of a system are organized hierarchically in the tool, so that more general and conceptual security metrics on the higher levels are connected to detailed, low-level measurements. The tool helps bring meaningfulness to the security metrics and helps the user be more aware of the security state of the system during runtime use of the tool. By having organized security evidence from high-level objectives to low-level measurements the user is able to act on the security incidents more proficiently.

AB - Measuring the security level of an information system to acquire reliable perception of its state requires the use of various different security metrics that can provide extensive security evidence of the system. Visualization can then be used to facilitate the management of the security metrics and measurements and to enhance understanding on their relationships. This paper introduces a tool for modeling and monitoring the security state of a system and focuses on the visualization aspects of the tool. The security metrics of a system are organized hierarchically in the tool, so that more general and conceptual security metrics on the higher levels are connected to detailed, low-level measurements. The tool helps bring meaningfulness to the security metrics and helps the user be more aware of the security state of the system during runtime use of the tool. By having organized security evidence from high-level objectives to low-level measurements the user is able to act on the security incidents more proficiently.

KW - security metric

KW - visualization

KW - situation awareness

KW - cyber security

U2 - 10.1145/2642803.2642806

DO - 10.1145/2642803.2642806

M3 - Conference article in proceedings

SN - 978-1-4503-2778-7

T3 - ACM International Conference Proceeding Series

BT - Proceedings of the 2014 European Conference on Software Architecture Workshops, ECSAW '14

PB - Association for Computing Machinery ACM

CY - New York

ER -

Latvala O-M, Toivonen J, Kuusijärvi J, Evesti A. A tool for security metrics modeling and visualization. In Proceedings of the 2014 European Conference on Software Architecture Workshops, ECSAW '14. New York: Association for Computing Machinery ACM. 2014. 3 https://doi.org/10.1145/2642803.2642806