• DocumentCode
    2129965
  • Title

    Modelling and Analysis of Release Order of Security Algorithms Using Stochastic Petri Nets

  • Author

    Alsuhibany, Suliman A. ; Van Moorsel, Aad

  • Author_Institution
    Sch. of Comput. Sci., Newcastle Univ., Newcastle upon Tyne, UK
  • fYear
    2013
  • fDate
    2-6 Sept. 2013
  • Firstpage
    437
  • Lastpage
    445
  • Abstract
    While security algorithms are utilized to protect system resources from misuse, using a single algorithm such as CAPTCHAs and Spam-Filters as a defence mechanism can work to protect a system against current attacks. However, as attackers learn from their attempts, this algorithm will eventually become useless and the system is no longer protected. We propose to look at a set of algorithms as a combined defence mechanism to maximize the time taken by attackers to break a system. When studying sets of algorithms, diverse issues arise in terms of how to construct them and in which order or in which combination to release them. In this paper, we propose a model based on Stochastic Petri Nets, which describe the interaction between an attacker, the set of algorithms used by a system, and the knowledge gained by the attacker with each attack. In particular, we investigate the interleaving of dependent algorithms, which have overlapping rules, with independent algorithms, which have a disjoint set of rules. Based on the proposed model, we have analyzed and evaluated how the order can impact the time taken by an attacker to break a set of algorithms. Given the mean time to security failure (MTTSF) for a system to reach a failure state, we identify an improved approach to the release order of a set of algorithms in terms of maximizing the time taken by the attacker to break them. Further, we show a prediction of the attacker´s knowledge acquisition progress during the attack process.
  • Keywords
    Petri nets; failure analysis; knowledge acquisition; security of data; stochastic processes; CAPTCHA; MTTSF; Spam-Filters; attack process; attacker knowledge acquisition progress prediction; attacker learning; defence mechanism; failure state; mean time to security failure; release order analysis; release order modelling; resource misuse; security algorithm; stochastic Petri nets; system attacks; system resource protection; Algorithm design and analysis; Classification algorithms; Computational modeling; Games; Petri nets; Security; Stochastic processes; Mean Time To Security Failure; Model-based evaluation; Performance analysis; Security and Protection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security (ARES), 2013 Eighth International Conference on
  • Conference_Location
    Regensburg
  • Type

    conf

  • DOI
    10.1109/ARES.2013.58
  • Filename
    6657274