A stochastic model of attack process for the evaluation of security metrics

Computer Networks

Volumn 57, Issue 10, 2013, Pages 2159-2180

  Almasizadeh, Jaafar ^a   Azgomi, Mohammad Abdollahi ^a  

^a IRAN UNIVERSITY OF SCIENCE AND TECHNOLOGY   (Iran)

Author keywords

Attack modeling; Attack process; Cyber security; Quantitative security evaluation; Security metrics; Stochastic modeling semi Markov chain

Indexed keywords

ATTACK MODELING; ATTACK PROCESS; CYBER SECURITY; QUANTITATIVE SECURITY EVALUATION; SECURITY METRICS; SEMI-MARKOV CHAIN;

COMPUTER CRIME; DISTRIBUTION FUNCTIONS; MARKOV PROCESSES; MATHEMATICAL MODELS; PROBABILITY DISTRIBUTIONS;

SECURITY OF DATA;

EID: 84879205852     PISSN: 13891286     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.comnet.2013.03.011     Document Type: Article

References (43)

1. D.M. Nicol, W.H. Sanders, and K.S. Trivedi Model-based evaluation: from dependability to security IEEE Transactions on Dependable and Secure Computing 1 1 2004 48 65
2. B. Madan, K. Goseva-Popstojanova, K. Vaidyanathan, and K.S. Trivedi A method for modeling and quantifying the security attributes of intrusion tolerant systems Performance Evaluation Journal 56 1-4 2004 167 186
3. D.J. Leversage, E. James, Estimating a System's Mean Time-to-Compromise, Security & Privacy, IEEE March 16-19, IEEE CS Press, 2008, pp. 52-60.
4. E. LeMay, M.D. Ford, K. Keefe, W.H. Sanders, C. Muehrcke, Model-based security metrics using ADversary View security evaluation (ADVISE), in: Proceedings of the 8th International Conference on Quantitative Evaluation of SysTems (QEST 2011), Aachen, Germany, September 5-8, 2011.
5. W. Stallings Cryptography and Network Security: Principles and Practice fifth ed. 2011 Prentice Hall
6. D. Wang, B. Madan, K.S. Trivedi, Security analysis of SITAR intrusion-tolerant system, in: Proc. ACM Workshop on Survivable and Self-Regenerative Systems, 2003, pp. 23-32.
7. K. Sallhammar, B.E. Helvik, and S.J. Knapskog On stochastic modeling for integrated security and dependability evaluation Journal of Networks 1 5 2006
8. F. Stevens, T. Courtney, S. Singh, A. Agbaria, J.F. Meyer, W.H. Sanders, P. Pal, Model-based validation of an intrusion-tolerant information system, in: Proceedings of the 23rd Symposium on Reliable Distributed Systems (SRDS 2004), Florianpolis, Brazil, October 2004.
9. M.A. McQueen, W.F. Boyer, M.A. Flynn, and G.A. Beitel Time-to-compromise model for cyber risk reduction estimation First Workshop on Quality of Protection Quality of Protection: Security Measurements and Metrics 2005 Springer
10. B. Littlewood, S. Brocklehurst, N. Fenton, P. Mellor, S. Page, and D. Wright Towards operational measures of computer security Journal of Computer Security 2 1993 211 229
11. E. Jonsson, and T. Olovsson A quantitative model of the security intrusion process based on attacker behavior IEEE Transactions on Software Engineering 23 4 1997 235 245
12. R. Ortalo, Y. Deswarte, and M. Kaâniche Experiments with quantitative evaluation tools for monitoring operational security IEEE Transactions on Software Engineering 25 5 1999 635 650
13. S. Singh, M. Cukier, W. Sanders, Probabilistic validation of an intrusion-tolerant replication system, in: Int'l Conf. on Dependable Systems and Networks (DSN'03), 2001.
14. K. Goseva-Popstojanova, F. Wang, R. Wang, F. Gong, K. Vaidyanathan, K.S. Trivedi, B. Muthusamy, Characterizing intrusion tolerant systems using a state transition model, in: DARPA Information Survivability Conference and Exposition (DISCEX II), vol. 2, 2001, pp. 211-221.
15. M. Kaâniche, E. Alata, V. Nicomette, Y. Deswarte, M. Dacier, Empirical analysis and statistical modelling of attack processes based on honeypots, in: Proc. of WEEDS 2006-Workshop on Empirical Evaluation of Dependability and Security, Philadelphia (USA), June 25-28, 2006.
16. N. Paulauskas, E. Garsva, Attacker skill level distribution estimation in the system mean time-to-compromise, in: Proceedings of 1st International Conference on Information Technology, Gdanks, 19-21 May, 2008, 463-466. ISBN 978-1-4244-2244-9.
17. M. Xu, and S. Xu A extended stochastic model for quantitative security analyses of networked systems Internet Mathematics 8 3 2012 288 320
18. S. Basagiannis, P. Katsaros, A. Pombortsis, and N. Alexiou Probabilistic model checking for the quantification of DoS security threats Computers & Security 28 2009 450 465
19. C. Bodei, M. Curti, and P. Degano A quantitative study of two attacks Proc. of the 2nd International Workshop on Security Issues with Petri Nets and other Computational Models (WISP'04) Electronic Notes in Theoretical Computer Science vol. 121 2005 Elsevier 65 85
20. M.S. Ahmed, E. Al-Shaer, and L. khan A novel quantitative approach for measuring network security INFOCOM 2008 The 27th Conference on Computer Communications 2008 IEEE CS Press 1957 1965
21. I. Cervesato, Towards a notion of quantitative security analysis, in: Proc. 1st Workshop on Quality of Protection, pages 12-26, 2005.
22. A. Hecker, M. Riguidel, On the operational security assurance evaluation of networked IT systems, NEW2AN, September 2009, St Petersburg, Russia.
23. S. Jafari, F. Mtenzi, R. Fitzpatrick, and B. O'Shea Security metrics for e-healthcare information systems: a domain specific metrics approach International Journal of Digital Society (IJDS) 1 4 2010 (United Kingdom)
24. W. Boyer, and M. McQueen Ideal based cyber security technical metrics for control systems CRITIS 7 2007 3 5
25. R. Lippmann, J. Riordan, T. Yu, K. Watson, Continuous Security Metrics for Prevalent Network Threats: Introduction and First Four Metrics, Project Report IA-3, MIT Lincoln Laboratory, Lexington, MA, 22 May 2012.
26. L. Wang, T. Islam, T. Long, A. Singhal, and S. Jajodia An attack graph-based probabilistic security metric Proc. 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSEC 2008) Lecture Notes in Computer Science (LNCS) vol. 5094 2008 Springer-Verlag 283 296
27. J. Almasizadeh, and M. Abdollahi Azgomi A method for estimation of the success probability of an intrusion process by considering the temporal aspects of the attacker behavior Transactions on Computational Science vol. 4 2009 Springer-Verlag ISSN: 0302-9743, ISBN: 978-3-642-01003-3
28. J. Almasizadeh, M. Abdollahi Azgomi, Intrusion process modeling for security quantification, in: Proc. of the 4th International Conference on Availability, Reliability and Security (ARES'09), March 16-19, Fukuoka Institute of Technology (FIT), Fukuoka, Japan, IEEE CS Press, 2009, pp. 114-121.
29. S. Young, and D. Aitel The Hackers Handbook: The Strategy Behind Breaking into and Defending Networks first ed. 2004 Auerbach
30. K.S. Trivedi Probability and Statistics with Reliability, Queuing, and Computer Science Applications second ed. 2001 John Wiley & Sons
31. Y. Cao, H. Sun, K.S. Trivedi, and J. Han System availability with non-exponentially distributed outages IEEE Transactions on Reliability 51 2 2002 193 198
32. S. Malhotra, S. Bhattacharya, S.K. Ghosh, A vulnerability and exploit independent approach for attack path prediction, in: Proc. of the 2008 IEEE 8th International Conference on Computer and Information Technology Workshops, July 08-11, 2008.
33. E. Jonsson, Towards an integrated conceptual model of security and dependability, in: Proc. of the First Int'l. Conf.on Availability, Reliability and Security (AReS), 2006.
34. Y. Chen, B. Boehm, L. Sheppard, Value driven security threat modeling based on attack path analysis, in: 40th Hawaii International Conference on Systems Sciences, Big Island, Hawaii, January 2007.
35. P. Liu, W. Zang, Incentive-based modeling and inference of attacker intent, objectives, and strategies, in: Proceedings of the 10th ACM Conference on Computer and Communication Security, 2003, pp. 179-189.
36. X. Qin, W. Lee, Attack plan recognition and prediction using causal networks, in: Proc. of the 20th Annual Conference on Computer Security Applications, 2004, pp. 370-379.
37. O. Sheyner, J. Wing, Tools for generating and analyzing attack graphs, In Proceedings of International Symposium on Formal Methods for Components and Objects, Lecture Notes in Computer Science 3188, 2004, pp. 344-371.
38. J. Steven, K.L. Templeton, A requires/provides model for computer attacks, in: Proc. of the 2000 Workshop on New Security Paradigms, Ballycotton, County Cork, Ireland, 2001, pp. 31-38.
39. P. Maggi, D. Pozza, R. Sisto, Vulnerability modelling for the analysis of network attacks, Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX 2008.
40. I. Kotenko, M. Stepashkin, Attack graph based evaluation of network security, CMS 2006, LNCS 4237, 2006, pp. 216-227.
41. R.P. Lippmann, K.W. Ingols, C. Scott, K. Piwowarski, K.J. Kratkiewicz, M. Artz, R.K. Cunningham, Evaluating and strengthening enterprise network security using attack graphs, Technical report, MIT Lincoln Laboratory, Lexington, MA, 2005. ESC-TR-2005-064.
42. P. Manadhata, J.M. Wing, An attack surface metric, Technical report, CMU-CS-05-155, School of Computer Science, Carnegie Mellon University, July 2005.
43. M. Benini, and S. Sicari Risk assessment in practice: a real case study Computer Communications 31 2008 3691 3699