First International Conference on Availability, Reliability and Security (ARES'06) 2006
DOI: 10.1109/ares.2006.137
|View full text |Cite
|
Sign up to set email alerts
|

Towards a stochastic model for integrated security and dependability evaluation

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
24
0

Year Published

2006
2006
2022
2022

Publication Types

Select...
4
3
1

Relationship

0
8

Authors

Journals

citations
Cited by 35 publications
(24 citation statements)
references
References 15 publications
0
24
0
Order By: Relevance
“…They propose that attacker and administrator actions probabilistically change the state of a network, resulting in gains and losses for the two players involved. Sallhammar et al [16,17] propose the use of stochastic game theory to compute probabilities to attacker actions. They also share the view that attacks can be modeled as transitions between system states, and show how the attacker's behavior is influenced by parameters of the game on-going with the defender.…”
Section: Related Workmentioning
confidence: 99%
“…They propose that attacker and administrator actions probabilistically change the state of a network, resulting in gains and losses for the two players involved. Sallhammar et al [16,17] propose the use of stochastic game theory to compute probabilities to attacker actions. They also share the view that attacks can be modeled as transitions between system states, and show how the attacker's behavior is influenced by parameters of the game on-going with the defender.…”
Section: Related Workmentioning
confidence: 99%
“…The quantitative analysis of model produces two useful metrics, steady-state availability and mean time to security failure (MTTSF). Similarly, Sallhammar et al (2006) developed stochastic model for security and dependability evaluation. Their approach uses game theory to model attacker behavior, as expected attacker behavior is driven by cost to perform attack and reward for successful attack.…”
Section: Related Workmentioning
confidence: 99%
“…We will refer to the cause of such a failure as an attack action, performed by an attacker. To incorporate attacker behavior in the stochastic process we use the same methodology as in [14,15] and multiply all the relevant state transition rates with a so called decision probability π i (a k ), which represents the probability that an attacker will actually choose to initiate attack action a k against the system when it is in state i. This is illustrated in Fig.…”
Section: Attack Modeling and Predictionmentioning
confidence: 99%
“…We generalize the discussion of n×2 game elements in [14] to n×n games, which means that we can model the interactions between an attacker and the system IDS mechanisms in a more realistic way. This paper also includes a more thorough quantitative analysis of the effect of the rewardand cost values on the expected attacker behavior than [15]. To further illustrate the results from applying the model to compute failure times for systems in a real-world context, we provide two additional, fairly detailed, case studies.…”
Section: Introductionmentioning
confidence: 98%
See 1 more Smart Citation