• Towards the implementation of a network security assessment model focus on threat and risk management

      Hasan, Muhammad Fahim (University of Bedfordshire, 2011-01)
      Network security is an increasingly raising concern for every enterprise having IT infrastructure. The numbers of data breaches are increasing every year due to the complexity in the existing network security models. Background to the problem is that the existing network security assessment models cannot or not fully addressed in the given domain. The investigation is primarily focused on critical evaluation of various proposed network security assessment models with their strength and weakness. This thesis is a preliminary development of a model for assessing the network security taking under consideration the network associated risk. The proposed model simplifies the quantification process of the risk interrelated with organization network by utilizing various parameters. The model introduces the visualization techniques in the threats and vulnerability identification process as well. The end result of the measured risk has given a particular value with respect to its criticality in the conclusion of the model. This model will not only support in identification and classification of the threats but also enable the organization management to take well-informed decisions against the criticality found with risk expose by particular threat and vulnerability.