Abstract
Abstract Modeling of system and information security aims to facilitate formal representation and analysis of security, where vulnerabilities are identified and addressed. This chapter discusses the two categories of static and dynamic security models, as exemplified by attack graphs and Petri nets, respectively. Also discussed is the significant enhancement that results from extending these models to capture nondeterministic behavior, in stochastic attack graphs and stochastic Petri nets, respectively. The models are evaluated and compared with respect to (i) accuracy and (ii) potential for decision support, and Petri nets are found to be superior to attack graphs in both criteria.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.