Stochastic Models for Combined Security and Dependability Evaluation
MetadataShow full item record
Security is a topic of ever increasing interest. Today it is widely accepted that, due to the unavoidable presence of vulnerabilities, design faults and administrative errors, an ICT system will never be totally secure. Connecting a system to a network will necessarily introduce a risk of inappropriate access resulting in disclosure, corruption and/or loss of information. Therefore, the security of a system should ideally be interpreted in a probabilistic manner. More specifically, there is an urgent need for modelling methods that provide operational measures of the security. Dependability, on the other hand, is the ability of a computer system to deliver service that can justifiably be trusted. In a dependability context one distinguishes between accidental faults, which are modelled as random processes, and intentional faults, i.e., attacks, which in most cases are not considered at all. A major drawback of this approach is that attacks may in many cases be the dominating failure source for today’s networked systems. The classical way of dependability evaluation can therefore be very deceptive: highly dependable systems may in reality fail much more frequently than expected, due to the exploitation from attackers. To be considered trustworthy, a system must be both dependable and secure. However, these two aspects have so far tended to be treated separately. A unified modelling framework for security and dependability evaluation would be advantageous from both points of view. The security community can benefit from the mature dependability modelling techniques, which can provide the operational measures that are so desirable today. On the other hand, by adding hostile actions to the set of possible fault sources, the dependability community will be able to make more realistic models than the ones that are currently in use. This thesis proposes a stochastic modeling approach, which can be used to predict a system’s security and dependability behavior. As will be seen, the basic model has a number of possible applications. For example, it can be used as a tool for trade-off analysis of security countermeasures, or it can be used as a basis for real-time assessment of the system trustworthiness.
Has partsSallhammar, Karin; Knapskog, Svein J. Using Game Theory in Stochastic Models for Quantifying Security. In Proceedings of the 9th Nordic Workshop on Secure IT-systems (NordSec 2004), 2004.
Sallhammar, Karin; Knapskog, Svein J; Helvik, Bjarne E. Using Stochastic Game Theory to Compute the Expected Behavior of Attackers. Proceedings of the 2005 International Symposium on Applications and the Internet (Saint 2005), 2005.
Sallhammar, Karin; Helvik, Bjarne E; Knapskog, Svein J. Incorporating Attacker Behavior in Stochastic Models of Security. Proceedings of the 2005 International Conference on Security and Management (SAM’05), 2005.
Sallhammar, Karin; Helvik, Bjarne E; Knapskog, Svein J. On Stochastic Modeling for Integrated Security and Dependability Evaluation. The Journal of Networks. 1(5): 31-42, 2006.
Årnes, André; Sallhammar, Karin; Haslum, Kjetil; Brekne, Tønnes; Moe, Marie Elisabeth Gaup; Sallhammar, Karin. Real-time Risk Assessment with Network Sensors and Intrusion Detection Systems. Proceedings of the 2005 International Conference on Computational Intelligence and Security (CIS’05), 2005.
Sallhammar, Karin; Helvik, Bjarne E; Knapskog, Svein J. A Framework for Predicting Security and Dependability Measures in Real-time. International Journal of Computer Science and Network Security. 7(3): 169-183, 2007.