IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Computers and Security
On the quantitative assessment of behavioural security
ACISP '96 Proceedings of the First Australasian Conference on Information Security and Privacy
On the modelling of preventive security based on a PC network intrusion experiment
ACISP '96 Proceedings of the First Australasian Conference on Information Security and Privacy
Information security technology?...don't rely on it: a case study in social engineering
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
An integrated framework for security and dependability
Proceedings of the 1998 workshop on New security paradigms
On the functional relation between security and dependability impairments
Proceedings of the 1999 workshop on New security paradigms
Does Open Source Improve System Security?
IEEE Software
Building Survivable Services Using Redundancy and Adaptation
IEEE Transactions on Computers
Security Modeling and Evaluation for the Mobile Code Paradigm
ASIAN '99 Proceedings of the 5th Asian Computing Science Conference on Advances in Computing Science
A method for modeling and quantifying the security attributes of intrusion tolerant systems
Performance Evaluation - Dependable systems and networks-performance and dependability symposium (DSN-PDS) 2002: Selected papers
Model-Based Evaluation: From Dependability to Security
IEEE Transactions on Dependable and Secure Computing
Security analysis of SITAR intrusion tolerance system
Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security
Quantifying eavesdropping vulnerability in sensor networks
DMSN '05 Proceedings of the 2nd international workshop on Data management for sensor networks
Archetypal behavior in computer security
Journal of Systems and Software
Information Assurance: Dependability and Security in Networked Systems
Information Assurance: Dependability and Security in Networked Systems
A model-based semi-quantitative approach for evaluating security of enterprise networks
Proceedings of the 2008 ACM symposium on Applied computing
Journal of Systems and Software
Distributed agents model for intrusion detection based on AIS
Knowledge-Based Systems
Open source vs. closed source software: towards measuring security
Proceedings of the 2009 ACM symposium on Applied Computing
Transactions on Computational Science IV
On the Security Properties and Attacks against Mobile Agent Graph Head Sealing (MAGHS)
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Using security metrics coupled with predictive modeling and simulation to assess security processes
ESEM '09 Proceedings of the 2009 3rd International Symposium on Empirical Software Engineering and Measurement
Availability Analysis of a Scalable Intrusion Tolerant Architecture with Two Detection Modes
CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing
Quantified security is a weak hypothesis: a critical survey of results and assumptions
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Risks and Benefits of Signaling Information System Characteristics to Strategic Attackers
Journal of Management Information Systems
EUC'07 Proceedings of the 2007 conference on Emerging direction in embedded and ubiquitous computing
Optimizing security measures in an intrusion tolerant database system
ISAS'08 Proceedings of the 5th international conference on Service availability
Towards a unifying approach in understanding security problems
ISSRE'09 Proceedings of the 20th IEEE international conference on software reliability engineering
Dependability metrics
Mobile agent watermarking (MAW): security properties and attacks revisited
Proceedings of the 7th International Conference on Frontiers of Information Technology
Formal approach to security metrics.: what does "more secure" mean for you?
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
Cybersecurity for critical infrastructures: attack and defense modeling
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Misbehavior detection algorithm in CCSDS space telecommand system
IEEE Communications Letters
Using trust-based information aggregation for predicting security level of systems
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Attack and defense modeling with BDMP
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
On design tradeoffs between security and performance in wireless group communicating systems
NPSEC'05 Proceedings of the First international conference on Secure network protocols
Proceedings of the 26th Annual Computer Security Applications Conference
Towards autonomic mode control of a scalable intrusion tolerant architecture
ATC'10 Proceedings of the 7th international conference on Autonomic and trusted computing
Security based survivability risk analysis with extended HQPN
Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication
Modeling fault-tolerant and secure mobile agent execution
EC'05 Proceedings of the 6th WSEAS international conference on Evolutionary computing
Trust-based security level evaluation using Bayesian belief networks
Transactions on computational science X
Formal analysis of security metrics and risk
WISTP'11 Proceedings of the 5th IFIP WG 11.2 international conference on Information security theory and practice: security and privacy of mobile devices in wireless communication
Wireless Personal Communications: An International Journal
Fault tolerance for fight-through: a basis for strategic survival
Proceedings of the 4th international conference on Security of information and networks
Quantifying the security of composed systems
PPAM'05 Proceedings of the 6th international conference on Parallel Processing and Applied Mathematics
Availability analysis of an IMS-based VoIP network system
ICCSA'10 Proceedings of the 2010 international conference on Computational Science and Its Applications - Volume Part IV
Security vulnerabilities in software systems: a quantitative perspective
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
A jackson network-based model for quantitative analysis of network security
ISI'05 Proceedings of the 2005 IEEE international conference on Intelligence and Security Informatics
OWA trees and their role in security modeling using attack trees
Information Sciences: an International Journal
An adaptive mode control algorithm of a scalable intrusion tolerant architecture
Journal of Computer and System Sciences
Cyber security exercises and competitions as a platform for cyber security experiments
NordSec'12 Proceedings of the 17th Nordic conference on Secure IT Systems
A stochastic model of attack process for the evaluation of security metrics
Computer Networks: The International Journal of Computer and Telecommunications Networking
A malicious behavior analysis based Cyber-I birth
Journal of Intelligent Manufacturing
Hi-index | 0.01 |
This paper is based on a conceptual framework in which security can be split into two generic types of characteristics, behavioral and preventive. Here, preventive security denotes the system's ability to protect itself from external attacks. One way to describe the preventive security of a system is in terms of its interaction with the alleged attacker, i.e., by describing the intrusion process. To our knowledge, very little is done to model this process in quantitative terms. Therefore, based on empirical data collected from intrusion experiments, we have worked out a hypothesis on typical attacker behavior. The hypothesis suggests that the attacking process can be split into three phases: the learning phase, the standard attack phase, and the innovative attack phase. The probability for successful attacks during the learning and innovative phases is expected to be small, although for different reasons. During the standard attack phase it is expected to be considerably higher. The collected data indicates that the breaches during the standard attack phase are statistically equivalent and that the times between breaches are exponentially distributed. This would actually imply that traditional methods for reliability modeling could be applicable.