A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior
IEEE Transactions on Software Engineering
Security attribute evaluation method: a cost-benefit approach
Proceedings of the 24th International Conference on Software Engineering
Modeling and Quantification of Security Attributes of Software Systems
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Hi-index | 0.00 |
It is important for trusted intranets to focus on network security as a whole with dynamic and formalized analysis. The qualitative and current quantitative methods have difficulties to reach the requirements. After analyzing the attacking process, a Jackson network-based model with absorbing states is proposed, where the absorbing states mean the attacks succeed or fail. We compute the steady-state joint probability distribution of network nodes, the mean time of attack data spent in network, and the probabilities from the network entry node to absorbing states. According to the analysis of the above measures, we analyze the relationship between network security and performance.