Model-Based Evaluation: From Dependability to Security
IEEE Transactions on Dependable and Secure Computing
Reasoning about partial goal satisfaction for requirements and design engineering
Proceedings of the 12th ACM SIGSOFT twelfth international symposium on Foundations of software engineering
Security analysis of SITAR intrusion tolerance system
Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security
A Method of Security Measurement of the Network Data Transmission
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17 - Volume 18
Security modeling and quantification of intrusion tolerant systems using attack-response graph
Journal of High Speed Networks
Modeling and Simulation in Security Evaluation
IEEE Security and Privacy
Information Assurance: Dependability and Security in Networked Systems
Information Assurance: Dependability and Security in Networked Systems
A model-based semi-quantitative approach for evaluating security of enterprise networks
Proceedings of the 2008 ACM symposium on Applied computing
Towards Modelling Information Security with Key-Challenge Petri Nets
NordSec '09 Proceedings of the 14th Nordic Conference on Secure IT Systems: Identity and Privacy in the Internet Age
Availability Analysis of a Scalable Intrusion Tolerant Architecture with Two Detection Modes
CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing
Quantified security is a weak hypothesis: a critical survey of results and assumptions
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
An architectural description language for secure Multi-Agent Systems
Web Intelligence and Agent Systems
EUC'07 Proceedings of the 2007 conference on Emerging direction in embedded and ubiquitous computing
Optimizing security measures in an intrusion tolerant database system
ISAS'08 Proceedings of the 5th international conference on Service availability
Towards a unifying approach in understanding security problems
ISSRE'09 Proceedings of the 20th IEEE international conference on software reliability engineering
Security analysis for online banking system using hierarchical stochastic game nets model
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Performance and security tradeoff
SFM'10 Proceedings of the Formal methods for quantitative aspects of programming languages, and 10th international conference on School on formal methods for the design of computer, communication and software systems
Using trust-based information aggregation for predicting security level of systems
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
On design tradeoffs between security and performance in wireless group communicating systems
NPSEC'05 Proceedings of the First international conference on Secure network protocols
Towards autonomic mode control of a scalable intrusion tolerant architecture
ATC'10 Proceedings of the 7th international conference on Autonomic and trusted computing
Availability state transition model
ACM SIGSOFT Software Engineering Notes
Modeling and survivability analysis of service composition using Stochastic Petri Nets
The Journal of Supercomputing
Trust-based security level evaluation using Bayesian belief networks
Transactions on computational science X
Layered security architecture for threat management using multi-agent system
ACM SIGSOFT Software Engineering Notes
Wireless Personal Communications: An International Journal
Availability analysis of an IMS-based VoIP network system
ICCSA'10 Proceedings of the 2010 international conference on Computational Science and Its Applications - Volume Part IV
A self-healing mechanism for an intrusion tolerance system
TrustBus'05 Proceedings of the Second international conference on Trust, Privacy, and Security in Digital Business
Security vulnerabilities in software systems: a quantitative perspective
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
A jackson network-based model for quantitative analysis of network security
ISI'05 Proceedings of the 2005 IEEE international conference on Intelligence and Security Informatics
An immune-based model for service survivability
CANS'06 Proceedings of the 5th international conference on Cryptology and Network Security
SSL VPNs: SSL VPN and return on investment: A possible combination
Network Security
An adaptive mode control algorithm of a scalable intrusion tolerant architecture
Journal of Computer and System Sciences
Queue management as a DoS counter-measure?
ISC'07 Proceedings of the 10th international conference on Information Security
Modeling and security analysis of enterprise network using attack–defense stochastic game Petri nets
Security and Communication Networks
An Exposition of Performance-Security Trade-offs in RANETs Based on Quantitative Network Models
Wireless Personal Communications: An International Journal
Quite often, failures in network-based services and server systems may not be accidental, but rather caused by deliberate security intrusions. We would like such systems either to completely preclude the possibility of a security intrusion or to be designed to be robust enough to continue functioning despite security attacks. Not only is it important to prevent or tolerate security intrusions, it is equally important to treat security as a QoS attribute on par with, if not more important than, other QoS attributes such as availability and performability. This paper deals with various issues related to quantifying the security attribute of an intrusion tolerant system, such as the SITAR system. A security intrusion and the response of an intrusion tolerant system to the attack are modeled as a random process. This facilitates the use of stochastic modeling techniques to capture the attacker behavior as well as the system's response to a security intrusion. This model is used to analyze and quantify the security attributes of the system. The security quantification analysis is first carried out for steady-state behavior, leading to measures like steady-state availability. By transforming this model to a model with absorbing states, we compute a security measure called the "mean time (or effort) to security failure" and also compute probabilities of security failure due to violations of different security attributes.