English

Cybersecurity Software Tool Evaluation Using a 'Perfect' Network Model

Cryptography and Security 2024-09-17 v1

Abstract

Cybersecurity software tool evaluation is difficult due to the inherently adversarial nature of the field. A penetration testing (or offensive) tool must be tested against a viable defensive adversary and a defensive tool must, similarly, be tested against a viable offensive adversary. Characterizing the tool's performance inherently depends on the quality of the adversary, which can vary from test to test. This paper proposes the use of a 'perfect' network, representing computing systems, a network and the attack pathways through it as a methodology to use for testing cybersecurity decision-making tools. This facilitates testing by providing a known and consistent standard for comparison. It also allows testing to include researcher-selected levels of error, noise and uncertainty to evaluate cybersecurity tools under these experimental conditions.

Keywords

Cite

@article{arxiv.2409.09175,
  title  = {Cybersecurity Software Tool Evaluation Using a 'Perfect' Network Model},
  author = {Jeremy Straub},
  journal= {arXiv preprint arXiv:2409.09175},
  year   = {2024}
}

Comments

The U.S. federal sponsor has requested that we not include funding acknowledgement for this publication

R2 v1 2026-06-28T18:44:19.478Z