A Stochastic Model for Quantitative Security Analysis of Networked Systems

Traditional security analyses are often geared towards cryptographic primitives or protocols. Although such analyses are necessary, they cannot address a defender's need for insight into which aspects of a networked system having a significant impact on its security, and how to tune its configurations or parameters so as to improve security. This question is known to be notoriously difficult to answer, and the state-of-the-art is that we know little about it. Towards ultimately addressing this question, this paper presents a stochastic model for quantifying security of networked systems. The resulting model captures two aspects of a networked system: (1) the strength of deployed security mechanisms such as intrusion detection systems, and (2) the underlying vulnerability graph, which reflects how attacks may proceed. The resulting model brings the following insights: (1) How should a defender "tune" system configurations so as to improve security? (2) How should a defender "tune" system parameters (e.g., by upgrading which security mechanisms) so as to improve security? (3) Under what conditions the steady-state number of compromised entities of interest is below a given threshold with a high probability? Simulation studies are conducted to confirm the analytic results, and to show the tightness of the bounds of certain important metric that cannot be resolved analytically.
Date: February 02, 2008
Book Title: IEEE Transactions on Dependable and Secure Computing (IEEE TDSC)
Type: InProceedings
Publisher: IEEE
Downloads: 878

Has 1 soft copy


remote link

Bibtex


@InProceedings{A_Stochastic_Model_for_Quantitative_Secu,
  author = "Xiaohu Li and Paul Parker and Shouhuai Xu",
  title = "{A Stochastic Model for Quantitative Security Analysis of Networked Systems}",
  month = "February",
  year = "2008",
  booktitle = "IEEE Transactions on Dependable and Secure Computing (IEEE TDSC)",
  publisher = "IEEE",
}