Chang, Xiaolin; Lv, Shaohua; Rodríguez, Ricardo J; Trivedi, Kishor
Survivability Model for Security and Dependability Analysis of a Vulnerable Critical System Proceedings Article
In: Proceedings of the 2018 27th International Conference on Computer Communication and Networks (ICCCN), pp. 1–6, 2018, ISSN: 1095-2055.
Abstract | Links | BibTeX | Tags: Quantitative analysis, Reactive defense strategy, Security, Stochastic reward nets, Survivability
@inproceedings{CLRT-ICCCN-18,
title = {Survivability Model for Security and Dependability Analysis of a Vulnerable Critical System},
author = {Xiaolin Chang and Shaohua Lv and Ricardo J Rodríguez and Kishor Trivedi},
url = {http://webdiis.unizar.es/~ricardo/files/papers/CLRT-ICCCN-18.pdf},
doi = {10.1109/ICCCN.2018.8487446},
issn = {1095-2055},
year = {2018},
date = {2018-01-01},
booktitle = {Proceedings of the 2018 27th International Conference on Computer Communication and Networks (ICCCN)},
pages = {1--6},
abstract = {This paper aims to analyze transient security and dependability of a vulnerable critical system, under vulnerability-related attack and two reactive defensestrategies, from a severe vulnerability announcement untilthe vulnerability is fully removed from the system. By severe, we mean that the vulnerability-based malware could causesignificant damage to the infected system in terms ofsecurity and dependability while infecting more and morenew vulnerable computer systems. We propose a Markov chain-based survivability model for capturing thevulnerable critical system behaviors during the vulnerability elimination process. A high-level formalism based on Stochastic Reward Nets is applied to automaticallygenerate and solve the survivability model. Survivabilitymetrics are defined to quantify system attributes. The proposed model and metrics not only enable us toquantitatively assess the system survivability in terms ofsecurity risk and dependability, but also provide insights onthe system investment decision. Numerical experiments areconstructed to study the impact of key parameters on systemsecurity, dependability and profit.},
keywords = {Quantitative analysis, Reactive defense strategy, Security, Stochastic reward nets, Survivability},
pubstate = {published},
tppubtype = {inproceedings}
}
This paper aims to analyze transient security and dependability of a vulnerable critical system, under vulnerability-related attack and two reactive defensestrategies, from a severe vulnerability announcement untilthe vulnerability is fully removed from the system. By severe, we mean that the vulnerability-based malware could causesignificant damage to the infected system in terms ofsecurity and dependability while infecting more and morenew vulnerable computer systems. We propose a Markov chain-based survivability model for capturing thevulnerable critical system behaviors during the vulnerability elimination process. A high-level formalism based on Stochastic Reward Nets is applied to automaticallygenerate and solve the survivability model. Survivabilitymetrics are defined to quantify system attributes. The proposed model and metrics not only enable us toquantitatively assess the system survivability in terms ofsecurity risk and dependability, but also provide insights onthe system investment decision. Numerical experiments areconstructed to study the impact of key parameters on systemsecurity, dependability and profit.
Rodríguez, Ricardo J; Chang, Xiaolin; Li, Xiaodan; Trivedi, Kishor S
Survivability Analysis of a Computer System under an Advanced Persistent Threat Attack Proceedings Article
In: Kordy, Barbara; Ekstedt, Mathias; Kim, Seong Dong (Ed.): Proceedings of the 3rd International Workshop on Graphical Models for Security, pp. 134–149, 2016.
Abstract | Links | BibTeX | Tags: APT, Cyberattacks, Markov chains, Security metrics, Stochastic reward nets, Survivability, Transient analysis
@inproceedings{RCLT-GraMSec-16,
title = {Survivability Analysis of a Computer System under an Advanced Persistent Threat Attack},
author = {Ricardo J Rodríguez and Xiaolin Chang and Xiaodan Li and Kishor S Trivedi},
editor = {Barbara Kordy and Mathias Ekstedt and Seong Dong Kim},
url = {http://webdiis.unizar.es/~ricardo/files/papers/RCLT-GraMSec-16.pdf},
doi = {10.1007/978-3-319-46263-9_9},
year = {2016},
date = {2016-01-01},
booktitle = {Proceedings of the 3rd International Workshop on Graphical Models for Security},
volume = {9987},
pages = {134--149},
abstract = {Computer systems are potentially targeted by cybercriminals by means of specially crafted malicious software called Advanced Persistent Threats (APTs). As a consequence, any security attribute of the computer system may be compromised: disruption of service (availability), unauthorized data modification (integrity), or exfiltration of sensitive data (confidentiality). An APT starts with the exploitation of software vulnerability within the system. Thus, vulnerability mitigation strategies must be designed and deployed in a timely manner to reduce the window of exposure of vulnerable systems. In this paper, we evaluate the survivability of a computer system under an APT attack using a Markov model. Generation and solution of the Markov model are facilitated by means of a high-level formalism based on stochastic Petri nets. Survivability metrics are defined to quantify security attributes of the system from the public announcement of a software vulnerability and during the system recovery. The proposed model and metrics not only enable us to quantitatively assess the system survivability in terms of security attributes but also provide insights on the cost/revenue trade-offs of investment efforts in system recovery such as vulnerability mitigation strategies. Sensitivity analysis through numerical experiments is carried out to study the impact of key parameters on system secure survivability.},
keywords = {APT, Cyberattacks, Markov chains, Security metrics, Stochastic reward nets, Survivability, Transient analysis},
pubstate = {published},
tppubtype = {inproceedings}
}
Computer systems are potentially targeted by cybercriminals by means of specially crafted malicious software called Advanced Persistent Threats (APTs). As a consequence, any security attribute of the computer system may be compromised: disruption of service (availability), unauthorized data modification (integrity), or exfiltration of sensitive data (confidentiality). An APT starts with the exploitation of software vulnerability within the system. Thus, vulnerability mitigation strategies must be designed and deployed in a timely manner to reduce the window of exposure of vulnerable systems. In this paper, we evaluate the survivability of a computer system under an APT attack using a Markov model. Generation and solution of the Markov model are facilitated by means of a high-level formalism based on stochastic Petri nets. Survivability metrics are defined to quantify security attributes of the system from the public announcement of a software vulnerability and during the system recovery. The proposed model and metrics not only enable us to quantitatively assess the system survivability in terms of security attributes but also provide insights on the cost/revenue trade-offs of investment efforts in system recovery such as vulnerability mitigation strategies. Sensitivity analysis through numerical experiments is carried out to study the impact of key parameters on system secure survivability.