A threat risk estimation model for computer network security

Abstract

Risk analysis of security threats in computer networks is one of the most challenging fields in network management. Security risk analysis is usually done by security experts. Although they utilize analysis tools such as scanners and analyzers, the need for expert is still inevitable. To reduce the need of security expertise for network administrator, yet performing security risk management, this paper proposes UML models to represent expert's security information. We propose a UML class diagram which is built up of necessary classes for security analysis of networks. These classes are the building blocks needed for estimation of probability and effects of security threats. This model is created once and represents the security information needed for analysis. To analyze any network, the needed objects should be instantiated from the provided classes. These objects form the security model of the network with all the threats and their risks specified in. To instantiate the objects of network security model, its information is needed. This information is usually available in documents of a network or is obtainable via automated scanners. We show the applicability of the proposed model on a test network. As the result, the security model of the network which contains its security threats and also their risks are obtained.