A Stochastic Model for Quantitative Security Analyses of Networked Systems

Traditional security analyses are often geared toward cryptographic primitives or protocols. Although such analyses are necessary, they cannot address a defender's need for insight into which aspects of a networked system have a significant impact on its security, and how to tune its configur...

Bibliographic details
Published in: IEEE transactions on dependable and secure computing 2011-01, Vol.8 (1), p.28-43
Main authors: Xiaohu Li, Parker, P, Shouhuai Xu
Format: Article
Language: eng
container_end_page 43
container_issue 1
container_start_page 28
container_title IEEE transactions on dependable and secure computing
container_volume 8
creator Xiaohu Li
Parker, P
Shouhuai Xu
description Traditional security analyses are often geared toward cryptographic primitives or protocols. Although such analyses are necessary, they cannot address a defender's need for insight into which aspects of a networked system have a significant impact on its security, and how to tune its configurations or parameters so as to improve security. This question is known to be notoriously difficult to answer, and the state of the art is that we know little about it. Toward ultimately addressing this question, this paper presents a stochastic model for quantifying security of networked systems. The resulting model captures two aspects of a networked system: (1) the strength of deployed security mechanisms such as intrusion detection systems and (2) the underlying vulnerability graph, which reflects how attacks may proceed. The resulting model brings the following insights: (1) How should a defender "tune" system configurations (e.g., network topology) so as to improve security? (2) How should a defender "tune" system parameters (e.g., by upgrading which security mechanisms) so as to improve security? (3) Under what conditions is the steady-state number of compromised entities of interest below a given threshold with a high probability? Simulation studies are conducted to confirm the analytic results, and to show the tightness of the bounds of certain important metric that cannot be resolved analytically.
doi_str_mv 10.1109/TDSC.2008.75
format Article
fulltext fulltext_linktorsrc
identifier ISSN: 1545-5971
ispartof IEEE transactions on dependable and secure computing, 2011-01, Vol.8 (1), p.28-43
issn 1545-5971
1941-0018
language eng
recordid cdi_proquest_miscellaneous_849468522
source IEEE Electronic Library (IEL)
subjects Analytical models
Authentication
Computer networks
Computer science
Courthouses
Cryptographic protocols
Cryptography
Digital Object Identifier
Exploitation
Graphs
Intrusion
Intrusion detection
Intrusion detection systems
Mathematical analysis
Mathematical models
Network security
Network topology
networked systems
quantitative security analysis
Random variables
Security
security metric
Security modeling
Simulation
Steady-state
Stochastic models
Stochastic systems
Stochasticity
Studies
Tightness
Upgrading
vulnerability graph
title A Stochastic Model for Quantitative Security Analyses of Networked Systems
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-20T21%3A32%3A51IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20Stochastic%20Model%20for%20Quantitative%20Security%20Analyses%20of%20Networked%20Systems&rft.jtitle=IEEE%20transactions%20on%20dependable%20and%20secure%20computing&rft.au=Xiaohu%20Li&rft.date=2011-01&rft.volume=8&rft.issue=1&rft.spage=28&rft.epage=43&rft.pages=28-43&rft.issn=1545-5971&rft.eissn=1941-0018&rft.coden=ITDSCM&rft_id=info:doi/10.1109/TDSC.2008.75&rft_dat=%3Cproquest_RIE%3E849468522%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=771949064&rft_id=info:pmid/&rft_ieee_id=4695835&rfr_iscdi=true