A probabilistic approach to estimate the damage propagation of cyber attacks

Authors:
Young-Gab Kim;Taek Lee;Hoh Peter In;Yoon-Jung Chung;InJung Kim;Doo-Kwon Baik
Affiliations:
Department of Computer Science and Engineering Korea University, Seoul, Korea;Department of Computer Science and Engineering Korea University, Seoul, Korea;Department of Computer Science and Engineering Korea University, Seoul, Korea;Electronics and Telecommunications and Research Institute, Daejeon, Korea;Electronics and Telecommunications and Research Institute, Daejeon, Korea;Department of Computer Science and Engineering Korea University, Seoul, Korea
Venue:
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
Year:
2005

Citing 6
Cited 4

Probability and statistics with reliability, queuing and computer science applications

Probability and statistics with reliability, queuing and computer science applications
Code red worm propagation modeling and analysis

Proceedings of the 9th ACM conference on Computer and communications security
How to Own the Internet in Your Spare Time

Proceedings of the 11th USENIX Security Symposium
Worm propagation modeling and analysis under dynamic quarantine defense

Proceedings of the 2003 ACM workshop on Rapid malcode
A security risk analysis model for information systems

AsiaSim'04 Proceedings of the Third Asian simulation conference on Systems Modeling and Simulation: theory and applications
SP 800-30. Risk Management Guide for Information Technology Systems

SP 800-30. Risk Management Guide for Information Technology Systems

Modeling and Simulation for Security Risk Propagation in Critical Information Systems

Computational Intelligence and Security
Quantitative Risk Analysis and Evaluation in Information Systems: A Case Study

ICCS '07 Proceedings of the 7th international conference on Computational Science, Part III: ICCS 2007
HMM-based approach for evaluating risk propagation

PAISI'07 Proceedings of the 2007 Pacific Asia conference on Intelligence and security informatics
Risk analysis models and risk degree determination in new product development: A case study

Journal of Engineering and Technology Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

With rapid development in the Internet technology, business management in an organization becomes dependent on network dependency and cohesiveness in a critical information and communications infrastructure. However, the occurrence of cyber attacks has increased, targeted against vulnerable resources in information systems. Hence, in order to protect private information and computer resources, risk analysis and damage propagation need to be studied. However, the existing models present mechanisms for risk management, and these models can only be applied to specified threats such as a virus or a worm. Therefore, a probabilistic model for damage propagation based on Markov process is proposed, which can be applied to diverse threats in information systems. The proposed model enables us to predict the occurrence probability and occurrence frequency of each threat in the information systems.