Towards the Implementation of the Model

As part of our research, we built a Proof of Concept (PoC) software application using real data to model real world computer networks and different types of known risks. Implementing a model most times involves a new set of detailed definitions and procedures that were not required for the high level mathematical model. Our goal was to be able to automate as much as possible the data collection and model generation. We wanted our results to have the least amount possible of human interpretation in the generation of the risk scores. We also wanted to use as inputs of our PoC application existing Open Source network vulnerability scanners and sniffers so that a complete solution could be deployed afterwards in real world scenarios. In this chapter we will go through the new detailed definitions we tested and used in our software as part of the process of building and testing our PoC.