CPL - Chalmers Publication Library

Security intrusion process: an empirical model

Författare och institution:
Erland Jonsson (Institutionen för datorteknik); Tomas Olovsson (Institutionen för datorteknik)
Publicerad i:
IEEE Aerospace and Electronic Systems Magazine, 12 ( 4 ) s. 7-17
ISSN:
0885-8985
Publikationstyp:
Artikel, refereegranskad vetenskaplig
Publiceringsår:
1997
Språk:
engelska
Fulltextlänk:
Sammanfattning (abstract):
This paper describes a security model developed from empirical data collected from a realistic intrusion experiment in which a number of undergraduate students were invited to attack a distributed computer system. Relevant data, with respect to their intrusion activities, were recorded continuously. We have worked out a hypothesis on typical attacker behavior based on experiences from this and other similar experiments. The hypothesis suggests that the attacking process can be split into three phases: the learningphase, the standard attack phase and the innovative attack phase. The probability for successful attacks during the learning phase is expected to be small and, if a breach occurs, it is rather a result of pure luck than deliberate action. During the standard attack phase, this probability is considerably higher, whereas it decreases again in the innovative attack phase. The collected data indicates that the breaches during the standard attack phase are statistically equivalent. Furthermore, the times between breaches seem to be exponentially distributed, which means that traditional methods for reliability modelling of component failures may be applicable.
Ämne (baseras på Högskoleverkets indelning av forskningsämnen):
NATURVETENSKAP ->
Data- och informationsvetenskap ->
Datavetenskap (datalogi) ->
Databehandling
NATURVETENSKAP ->
Data- och informationsvetenskap ->
Systemvetenskap, informationssystem och informatik ->
Informationsteknologi
NATURVETENSKAP ->
Data- och informationsvetenskap ->
Datorteknik
Nyckelord:
security, security evaluation, attacker behavior, penetration test
Chalmers styrkeområden:
Informations- och kommunikationsteknik
Postens nummer:
167745
Posten skapad:
2012-12-13 16:52
Posten ändrad:
2013-08-26 15:35

Visa i Endnote-format