Title :
Intrusion Process Modeling for Security Quantification
Author :
Almasizadeh, Jaafar ; Azgomi, Mohammad Abdollahi
Author_Institution :
Dept. of Comput. Eng., Iran Univ. of Sci. & Technol., Tehran
Abstract :
The aim is to develop a suitable method for quantifying security. We use stochastic modeling techniques for this purpose. An intrusion process is considered as a series of elementary attack phases and at each phase the interactions between the attacker and the system are analyzed rigorously. It is assumed that a typical attacker needs some time to perform an elementary attack phase. On the other hand, it is assumed that the attacker may be detected by the system and thus the overall intrusion process is interrupted. The attacker skill level and the system´s abilities are characterized by the uniform distribution functions assigned to the transitions of the model. The underlying stochastic model is recognized as a semi-Markov chain. For security analysis, some valid assumptions about intrusion process are considered. Also, two quantitative security measures are defined and evaluated based on the model. The proposed method is demonstrated by modeling a complicated attack process and evaluating the desired security measures.
Keywords :
Markov processes; authorisation; elementary attack phase; intrusion process modeling; security quantification; semi-Markov chain model; stochastic modeling technique; uniform distribution function; Availability; Computer security; Data security; Distribution functions; Electronic mail; Quality of service; Reliability engineering; Sliding mode control; Stochastic processes; Stochastic systems; Evaluation; Intrusion Process; Modeling; Quantification; Security;
Conference_Titel :
Availability, Reliability and Security, 2009. ARES '09. International Conference on
Conference_Location :
Fukuoka
Print_ISBN :
978-1-4244-3572-2
Electronic_ISBN :
978-0-7695-3564-7
DOI :
10.1109/ARES.2009.142
