Automated Generation and Analysis of Attack Graphs
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A method for modeling and quantifying the security attributes of intrusion tolerant systems
Performance Evaluation - Dependable systems and networks-performance and dependability symposium (DSN-PDS) 2002: Selected papers
Toward measuring network security using attack graphs
Proceedings of the 2007 ACM workshop on Quality of protection
Cyber attack modeling and simulation for network security analysis
Proceedings of the 39th conference on Winter simulation: 40 years! The best is yet to come
Hi-index | 0.00 |
Security of information systems is a major concern today because the existing threats are getting new dimensions. Information Security (IS) is to protect our important information assets from accidental or deliberate damages. Cyber Security (CS) is a whole set of procedures and systems providing protection of computer systems and networks from the intentional and unintentional damages or dangers in the cyberspace through services like confidentiality, integrity, authentication, availability, non-repudiation, auditing, and digital signature. To counter the increasing cyber terrorism threats, we need predictive calculation of cyber attacks occurrences. We can do this by giving mathematical models for the elements of CS systems. Researchers have suggested some models for the quantification of CS, however, the existing models have either enforced only qualitative measures or the quantification models lack modeling features and without validation with the realistic data. There is a requirement for a unified model for the quantification of CS that considers majority of the parameters and services for it and which should be validated with realistic data. We propose a quantification model of cyber security, which considers most of the CS parameters. This is a generalized model, which is customizable enough to be used in multitude implementation environments. The proposed model is simulated and validated with an example of real life data for the SZABIST Islamabad Campus email server.