Computer vulnerability evaluation using fault tree analysis

Authors:
Tao Zhang;Mingzeng Hu;Xiaochun Yun;Yongzheng Zhang
Affiliations:
Computer Network and Information Security Technique Research Center, Harbin Institute of Technology, Harbin, China;Computer Network and Information Security Technique Research Center, Harbin Institute of Technology, Harbin, China;Computer Network and Information Security Technique Research Center, Harbin Institute of Technology, Harbin, China;Computer Network and Information Security Technique Research Center, Harbin Institute of Technology, Harbin, China
Venue:
ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
Year:
2005

Citing 3
Cited 1

Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security

IEEE Transactions on Software Engineering
A review of port scanning techniques

ACM SIGCOMM Computer Communication Review
Model-based analysis of configuration vulnerabilities

Journal of Computer Security

Modeling and analyzing faults to improve election process robustness

EVT/WOTE'10 Proceedings of the 2010 international conference on Electronic voting technology/workshop on trustworthy elections

Quantified Score

Hi-index	0.00

Visualization

Abstract

For analyzing computer system security, the system visitor could be classified into five kinds by his privilege to access system resource, and presented the model base on privilege escalation. The attacker can enhance his privilege by exploiting vulnerability, according to distribution of vulnerabilities privilege set, we could construct fault tree to reflect distinctly potential attack path, and so this method could quantificational express security state at different security policy via analyzing fault tree.