Abstract
The aim is to develop a suitable method for quantifying security. We use stochastic modeling techniques for this purpose. An intrusion process is considered as a series of elementary attack phases and at each phase the interactions between the attacker and the system are analyzed rigorously. It is assumed that a typical attacker needs some time to perform an elementary attack phase. On the other hand, it is assumed that the attacker may be detected by the system and thus the overall intrusion process is interrupted. The attacker skill level and the system's abilities are characterized by the uniform distribution functions assigned to the transitions of the model. The underlying stochastic model is recognized as a semi-Markov chain. For security analysis, some valid assumptions about intrusion process are considered. Also, two quantitative security measures are defined and evaluated based on the model. The proposed method is demonstrated by modeling a complicated attack process and evaluating the desired security measures.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
