A markov game theory-based risk assessment model for network information system

Proceedings - International Conference on Computer Science and Software Engineering, CSSE 2008

Volumn 3, Issue , 2008, Pages 1057-1061

  Cui, Xiaolin ^a   Tan, Xiaobin ^a   Zhang, Yong ^a   Xi, Hongsheng ^a  

^a UNIVERSITY OF SCIENCE AND TECHNOLOGY OF CHINA   (China)

Author keywords

Markov game theory; Risk assessment; Threat transmission

Indexed keywords

ASSESSMENT APPROACHES; ASSESSMENT MODELS; MARKOV GAMES; NETWORK INFORMATION SYSTEMS; SIMULATION EXAMPLE; SOFTWARE TOOL; SYSTEM ADMINISTRATORS; SYSTEM RISK; SYSTEM SECURITY; THREAT TRANSMISSION;

COMPUTER SCIENCE; COMPUTER SIMULATION; COMPUTER SOFTWARE; GAME THEORY; INFORMATION SYSTEMS; RATING;

RISK ASSESSMENT;

EID: 79951507952     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSSE.2008.949     Document Type: Conference Paper

References (20)

1. IEC 1025: 1990 Fault Tree Analysis (FTA), 1990
2. Bouti, A. and Ait Kadi, D., "A State of the Art Review of FMEA/FMECA", International Journal of Reliability, Quality and Safety Engineering. January 1949: 515-543.
3. Redmill F, Chudleigh M, Catmur J, "HAZOP and Software HAZOP", Wiley, 1999.
4. B. Littlewood, "A reliability Model for Systems with Markov Structure", Applied Statistics, 1997, 24(2):172-177.
5. CORAS IST-2000-25031 Web Site, http://www.nr.no/coras. 24 February 2003.
6. Reactive System Design Support, "RSDS", http://www.kcl.ac.uk. 2002.
7. Commission of the European Communities Security Investigations Projects: Project S2014, Risk Analysis, CRAMM Evaluation, 1993.
8. Control Objectives for Information and Related Technology, http://www.isaca.org/COBIT, 2003.
9. J ZHANG Yong-Zheng etc., "Research on Network Node Correlation in Network Risk Assessment", China Journal of Computers, February 2007: 234-240.
10. The International Organization for Standardization, Common Criteria for Information Technology Security Evaluation, ISO/IEC15408: 1999(E), 1999.
11. SSE-CMM Model Description Document, Version 2.0, 1999, http://www.sse-cmm.org.
12. International Organization for Standardization, Code of Practice for Information Security Management, ISO/IEC 17799:2000, December 2000.
13. BSI/DISC Committee BDD/2, BS7799 Code of Practice for Information Security Management, 1999.
14. J International Organization for Standardization, ISO/IEC TR 13335, Guidelines for the Management of IT Security (GMITS), 1996-2001.
15. J National Security Agency, information Assurance Technical Framework (IATF), Version 3.0, 2000, http://www.iatf.net.
16. Information security technology, Risk assessment specification for information security, GB/Z 20984-2007.
17. WU Bing etc., "Network-based malcode detection technology", Journal on Communications, November 2007: 87-91.
18. Ritchey, R.W etc., "Using model checking to analyze network vulnerabilities", IEEE Conference on Security and Privacy, May 2000.
19. Beaudoin, L etc., "Asset Valuation Technique for Network Management and Security", IEEE Conference on Data Mining Workshops, December 2006.
20. Dan Shen etc., "Adaptive Markov Game Theoretic Data Fusion Approach for Cyber Network Defense", IEEE Conference on Military Communications, October 2007.