# Metrics Towards Measuring Cyber Agility

**Authors:** Jose David Mireles, Eric Ficke, Jin-Hee Cho, Patrick Hurley, and Shouhuai Xu

arXiv: 1906.05395 · 2019-06-14

## TL;DR

This paper introduces a novel metric framework to quantify cyber agility by analyzing the dynamic evolution of cyber attacks and defenses, transforming static security metrics into meaningful measures of strategic effectiveness.

## Contribution

It presents the first systematic framework for measuring cyber agility, applicable to various static metrics, validated through real-world case studies.

## Key findings

- Framework successfully quantifies cyber agility in case studies.
- Transforms static security metrics into dynamic measures.
- Highlights limitations and future research directions.

## Abstract

In cyberspace, evolutionary strategies are commonly used by both attackers and defenders. For example, an attacker's strategy often changes over the course of time, as new vulnerabilities are discovered and/or mitigated. Similarly, a defender's strategy changes over time. These changes may or may not be in direct response to a change in the opponent's strategy. In any case, it is important to have a set of quantitative metrics to characterize and understand the effectiveness of attackers' and defenders' evolutionary strategies, which reflect their *cyber agility*. Despite its clear importance, few systematic metrics have been developed to quantify the cyber agility of attackers and defenders. In this paper, we propose the first metric framework for measuring cyber agility in terms of the effectiveness of the dynamic evolution of cyber attacks and defenses. The proposed framework is generic and applicable to transform any relevant, quantitative, and/or conventional static security metrics (e.g., false positives and false negatives) into dynamic metrics to capture dynamics of system behaviors. In order to validate the usefulness of the proposed framework, we conduct case studies on measuring the evolution of cyber attacks and defenses using two real-world datasets. We discuss the limitations of the current work and identify future research directions.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1906.05395/full.md

## Figures

24 figures with captions in the complete paper: https://tomesphere.com/paper/1906.05395/full.md

## References

54 references — full list in the complete paper: https://tomesphere.com/paper/1906.05395/full.md

---
Source: https://tomesphere.com/paper/1906.05395