A Survivability Quantitative Analysis Model for Network System Based on Attack Graph

Author

Zhang, Le-Jun ; Wang, Wei ; Guo, Lin ; Yang, Wu ; Yang, Yong-Tian

Author_Institution

Harbin Eng. Univ., Harbin

Volume

6

fYear

2007

fDate

19-22 Aug. 2007

Firstpage

3211

Lastpage

3216

Abstract

Survivability is the ability of a system to continue operating despite the presence of abnormal events such as intrusions. Ensuring system survivability has increased in importance as critical infrastructures have become heavily dependent on computers. In this paper we present a survivability quantitative analysis model for network system based on attack graph, which indicates that survivability depends on network system itself, as well as the environment where it´s running. We identify the intrusion scenarios via attack graph analysis, and then suggest a quantitative measure of network system survivability. Mathematics formulas are given and network nodes that influenced survivability are investigated. From a case study, we identify the compromisable nodes that can be penetrated and damaged by intrusion and provide valuable suggestions to enhance system survivability design. The model is not only suitable for simple network systems but also applicable to distributed ones as long as the system is divided into atomic components.

Keywords

graph theory; security of data; attack graph analysis; critical infrastructures; network system survivability; survivability quantitative analysis model; Automation; Cybernetics; Electronic mail; Finance; Information analysis; Information security; Machine learning; Mathematics; Power system modeling; Telecommunication computing; Attack graph; Quantitative analysis; Survivability model;

fLanguage

English

Publisher

ieee

Conference_Titel

Machine Learning and Cybernetics, 2007 International Conference on

Conference_Location

Hong Kong

Print_ISBN

978-1-4244-0973-0

Electronic_ISBN

978-1-4244-0973-0

Type

conf

DOI

10.1109/ICMLC.2007.4370701

Filename

4370701