A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior
IEEE Transactions on Software Engineering
Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security
IEEE Transactions on Software Engineering
A requires/provides model for computer attacks
Proceedings of the 2000 workshop on New security paradigms
Probability and statistics with reliability, queuing and computer science applications
Probability and statistics with reliability, queuing and computer science applications
A method for modeling and quantifying the security attributes of intrusion tolerant systems
Performance Evaluation - Dependable systems and networks-performance and dependability symposium (DSN-PDS) 2002: Selected papers
Basic Concepts and Taxonomy of Dependable and Secure Computing
IEEE Transactions on Dependable and Secure Computing
Model-Based Evaluation: From Dependability to Security
IEEE Transactions on Dependable and Secure Computing
Model-Based Validation of an Intrusion-Tolerant Information System
SRDS '04 Proceedings of the 23rd IEEE International Symposium on Reliable Distributed Systems
Security analysis of SITAR intrusion tolerance system
Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security
Queueing Networks and Markov Chains
Queueing Networks and Markov Chains
Using Stochastic Game Theory to Compute the Expected Behavior of Attackers
SAINT-W '05 Proceedings of the 2005 Symposium on Applications and the Internet Workshops
Towards an Integrated Conceptual Model of Security and Dependability
ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
A Vulnerability and Exploit Independent Approach for Attack Path Prediction
CITWORKSHOPS '08 Proceedings of the 2008 IEEE 8th International Conference on Computer and Information Technology Workshops
A Quantitative Study of Two Attacks
Electronic Notes in Theoretical Computer Science (ENTCS)
A stochastic model of attack process for the evaluation of security metrics
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
The aim is to propose a new approach for stochastic modeling of an intrusion process and quantitative evaluation of the probability of the attacker success. In many situations of security analysis, it is necessary to obtain the probabilities of success for attackers in an intrusion process. In the proposed method, the intrusion process is considered as elementary attack phases. In each atomic phase the attacker and the system interact and this interaction can transfer the current system state to a secure or failure state. Intrusion process modeling is done by a semi-Markov chain (SMC). The distribution functions assigned to the SMC transitions are a linear combination of some uniform distributions. These mixture distributions represent the time distribution of the attacker or the system in the transient states. In order to evaluate the security measure, the SMC is converted into a discrete-time Markov chain (DTMC) and then the resulting DTMC is analyzed and the probability of the attacker success is computed based on mathematical theorems. The desired security measure is evaluated with respect to the temporal aspects of the attacker behavior.