A framework for security quantification of networked machines
COMSNETS(2010)
摘要
Widespread application of computer network has evoked a lot of interest for cyber attackers to target these systems. In addition to cryptography based protective techniques such as authentication and authorization, several defense measures, like Intrusion Detection and Tolerance, and tools are employed to protect networks thereby, making security a critical issue. Therefore, the need for defining, structuring, and quantifying security arises as a necessary first step towards measuring the effectiveness of security related deployments. This work proposes a structured approach to define and analyze security related metrics for intrusion tolerant systems for each individual host in the network and compose them in a meaningful way to provide an overall security quantification for a network. The dynamics of each machine against a particular vulnerability is modeled as a (hidden) Markov process to capture uncertainties in attacker's action and system response. Based on these stochastic analysis, security metrics of each machine are calculated which are subsequently used in the final computation of the security metrics of the network.
更多查看译文
关键词
hidden markov process,intrusion detection,vulnerabilities,stochastic processes,security metrics,widespread application,markov process,intrusion detection system,cryptography,cyber attacker,critical issue,steady-state probabilities,overall security quantification,computer network security,authorisation,defense measure,network security,cryptography based protective technique,quantifying security,networked machine,steady-state probability,computer network,message authentication,intrusion tolerant system,hidden markov models,stochastic analysis,security quantification,hidded markov model,probability,intrusion tolerance,computational modeling,availability,markov model,markov processes,steady state,security
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要