Computers and Security
On the solution of GSPN reward models
Performance Evaluation
A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior
IEEE Transactions on Software Engineering
Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security
IEEE Transactions on Software Engineering
Intrusion Detection
Network Intrusion Detection: An Analyst's Handbook
Network Intrusion Detection: An Analyst's Handbook
Computer Security Handbook
Distributing Trust on the Internet
DSN '01 Proceedings of the 2001 International Conference on Dependable Systems and Networks (formerly: FTCS)
Modeling and Quantification of Security Attributes of Software Systems
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Modeling and Analysis of Software Aging and Rejuvenation
SS '00 Proceedings of the 33rd Annual Simulation Symposium
Software Rejuvenation: Analysis, Module and Applications
FTCS '95 Proceedings of the Twenty-Fifth International Symposium on Fault-Tolerant Computing
Model-Based Evaluation: From Dependability to Security
IEEE Transactions on Dependable and Secure Computing
Automated adaptive intrusion containment in systems of interacting services
Computer Networks: The International Journal of Computer and Telecommunications Networking
Information Assurance: Dependability and Security in Networked Systems
Information Assurance: Dependability and Security in Networked Systems
Securing stateful grid servers through virtual server rotation
HPDC '08 Proceedings of the 17th international symposium on High performance distributed computing
Network Security: Know It All: Know It All
Network Security: Know It All: Know It All
Transactions on Computational Science IV
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
On design tradeoffs between security and performance in wireless group communicating systems
NPSEC'05 Proceedings of the First international conference on Secure network protocols
Towards autonomic mode control of a scalable intrusion tolerant architecture
ATC'10 Proceedings of the 7th international conference on Autonomic and trusted computing
Wireless Personal Communications: An International Journal
A self-healing mechanism for an intrusion tolerance system
TrustBus'05 Proceedings of the Second international conference on Trust, Privacy, and Security in Digital Business
An adaptive mode control algorithm of a scalable intrusion tolerant architecture
Journal of Computer and System Sciences
A stochastic model of attack process for the evaluation of security metrics
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
Security is an important QoS attribute for characterizing intrusion tolerant computing systems. Frequently however, the security of computing systems is assessed in a qualitative manner based on the presence and absence of certain functional characteristics and security mechanisms. Such a characterization is not only ad hoc, it also lacks rigorous scientific and systematic basis. Some recent research efforts have emphasized the need for a quantitative assessment of security attributes for intrusion tolerant systems. Intrusion tolerant systems are not only complex, but also have to operate in an environment made unpredictable due to the unpredictable actions of bona-fide and non bona-fide users. This makes quantitative security analysis a difficult problem. Earlier approaches to security modelling have been based on the use of Markov models. Capturing details of real architectures in a manually constructed Markov model is difficult. We advocate the use of higher level formalism based on stochastic Petri nets for modelling and quantitative security analysis of intrusion tolerant systems. To validate our approach, we use an experimental intrusion tolerant systems known as the SITAR (scalable intrusion tolerant architecture) currently being implemented jointly at MCNC and Duke University as our target system. It is shown that the resulting analysis is useful in determining gains in security by reconfiguring such a system in terms of increase in redundancy under varying threat levels.