Mean privacy: A metric for security of computer systems

Abstract

In this paper, we propose a new approach for quantitative security analysis of computer systems. We intend to derive a metric of how much private information about a computer system can be disclosed to attackers. In fact, we want to introduce a methodology in order to be able to quantify our intuitive interpretation of how attackers act and how much they are predictable. This metric can be considered as an appropriate indicator for quantifying the security level of computer systems. We call the metric “Mean Privacy” and suggest a method for its quantification. It is quantified by using an information-theoretic model. For this purpose, we utilize a variant of attack tree that is able to systematically represent all feasible malicious attacks that are performed to violate the security of a system. The attack tree, as the underlying attack model, will be parameterized with some probability mass functions. The quantitative model will be used to express our intuition of the complexity of the attacks quantitatively. The usefulness of the proposed model lies in the context of security analysis. In fact, the analysis approach can be employed in some ways: Among several options for a system, we can indicate the most secure one using the metric as a comparative indicator. The security analysis of systems that operate under a variety of anticipated attack plans and different interaction environments can be carried out. Finally, new security policies, countermeasures and strategies can be applied to increase the security level of the systems.