A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior
IEEE Transactions on Software Engineering
Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security
IEEE Transactions on Software Engineering
The Vision of Autonomic Computing
Computer
Modeling and Quantification of Security Attributes of Software Systems
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
A method for modeling and quantifying the security attributes of intrusion tolerant systems
Performance Evaluation - Dependable systems and networks-performance and dependability symposium (DSN-PDS) 2002: Selected papers
Basic Concepts and Taxonomy of Dependable and Secure Computing
IEEE Transactions on Dependable and Secure Computing
Security analysis of SITAR intrusion tolerance system
Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security
Availability Analysis of a Scalable Intrusion Tolerant Architecture with Two Detection Modes
CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing
EUC'07 Proceedings of the 2007 conference on Emerging direction in embedded and ubiquitous computing
Optimizing security measures in an intrusion tolerant database system
ISAS'08 Proceedings of the 5th international conference on Service availability
Availability analysis of an IMS-based VoIP network system
ICCSA'10 Proceedings of the 2010 international conference on Computational Science and Its Applications - Volume Part IV
A self-healing mechanism for an intrusion tolerance system
TrustBus'05 Proceedings of the Second international conference on Trust, Privacy, and Security in Digital Business
Modeling and evaluating the survivability of an intrusion tolerant database system
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
An adaptive mode control algorithm of a scalable intrusion tolerant architecture
Journal of Computer and System Sciences
| Hi-index | 0.00 |
In this article we consider an intrusion tolerant system with two detection modes; automatic detection mode and manual detection mode for intrusions, and describe the dynamic transition behavior by a continuous-time semi-Markov chain (CTSMC). Based on the embedded Markov chain (EMC) approach, we derive the steady-state probability of the CTSMC, the steady-state system availability and the mean time to security failure (MTTSF). Especially, we show necessary and sufficient conditions to exist the optimal switching time from an automatic detection mode to a manual detection mode, which maximizes the steady-state system availability. Next, we develop an autonomic mode control scheme to estimate the optimal switching time without specifying any probability distribution function in an adaptive way, where the basic idea comes from a statistically non-parametric algorithm by means of the total time on test concept. Numerical examples through a simulation study are presented for illustrating the optimal switching of detection mode, and investigating the asymptotic property of the resulting autonomic mode control scheme.