{"title":"面向安全量化的入侵过程建模","authors":"J. Almasizadeh, M. A. Azgomi","doi":"10.1109/ARES.2009.142","DOIUrl":null,"url":null,"abstract":"The aim is to develop a suitable method for quantifying security. We use stochastic modeling techniques for this purpose. An intrusion process is considered as a series of elementary attack phases and at each phase the interactions between the attacker and the system are analyzed rigorously. It is assumed that a typical attacker needs some time to perform an elementary attack phase. On the other hand, it is assumed that the attacker may be detected by the system and thus the overall intrusion process is interrupted. The attacker skill level and the system's abilities are characterized by the uniform distribution functions assigned to the transitions of the model. The underlying stochastic model is recognized as a semi-Markov chain. For security analysis, some valid assumptions about intrusion process are considered. Also, two quantitative security measures are defined and evaluated based on the model. The proposed method is demonstrated by modeling a complicated attack process and evaluating the desired security measures.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"26","resultStr":"{\"title\":\"Intrusion Process Modeling for Security Quantification\",\"authors\":\"J. Almasizadeh, M. A. Azgomi\",\"doi\":\"10.1109/ARES.2009.142\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The aim is to develop a suitable method for quantifying security. We use stochastic modeling techniques for this purpose. An intrusion process is considered as a series of elementary attack phases and at each phase the interactions between the attacker and the system are analyzed rigorously. It is assumed that a typical attacker needs some time to perform an elementary attack phase. On the other hand, it is assumed that the attacker may be detected by the system and thus the overall intrusion process is interrupted. The attacker skill level and the system's abilities are characterized by the uniform distribution functions assigned to the transitions of the model. The underlying stochastic model is recognized as a semi-Markov chain. For security analysis, some valid assumptions about intrusion process are considered. Also, two quantitative security measures are defined and evaluated based on the model. The proposed method is demonstrated by modeling a complicated attack process and evaluating the desired security measures.\",\"PeriodicalId\":169468,\"journal\":{\"name\":\"2009 International Conference on Availability, Reliability and Security\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-03-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"26\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2009.142\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2009.142","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Intrusion Process Modeling for Security Quantification
The aim is to develop a suitable method for quantifying security. We use stochastic modeling techniques for this purpose. An intrusion process is considered as a series of elementary attack phases and at each phase the interactions between the attacker and the system are analyzed rigorously. It is assumed that a typical attacker needs some time to perform an elementary attack phase. On the other hand, it is assumed that the attacker may be detected by the system and thus the overall intrusion process is interrupted. The attacker skill level and the system's abilities are characterized by the uniform distribution functions assigned to the transitions of the model. The underlying stochastic model is recognized as a semi-Markov chain. For security analysis, some valid assumptions about intrusion process are considered. Also, two quantitative security measures are defined and evaluated based on the model. The proposed method is demonstrated by modeling a complicated attack process and evaluating the desired security measures.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
