State space approach to security quantification

In this paper, we describe three different state space models for analyzing the security of a software system. In the first part of the paper, we utilize a semi-Markov process (SMP) to model the transitions between the security states of an abstract software system. The SMP model can be solved to obtain the probability of reaching security failed states along with the mean time to security failure (MTTSF). In the second part of the paper, we use a discrete event dynamic system model of security dynamics. We show how to derive events and transitions from existing security taxonomies. We then apply the theory of discrete event control to define safety properties of the computer system in terms of the basic concepts of controllability used in discrete event control for two special sublanguages K_s and K_v. These languages correspond to maximally robust controllable sublanguages. In the third approach, we show that by associating a cost with each state transition, the security quantification problem can be cast as a Markov decision problem (MDP). This MDP can be solved to obtain an optimal controllable language K_s ⊆ K_v that gives the minimal-cost safe security policy.
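The SMP solution described in the first part can be worked through on a small model. The Python below is an added example, not code from the paper; the state names (G, V, A, FC, FA), transition probabilities and mean sojourn times are constructed assumptions. It computes MTTSF and the probability of ending in each security failed state from the embedded DTMC and the mean sojourn times, using the expected-visit (fundamental matrix) equations solved exactly with fractions.

```python
from fractions import Fraction as Fr

# Embedded DTMC of a small semi-Markov security model (constructed values, not
# the paper's). Transient states: G (good), V (vulnerability present),
# A (attack in progress). Absorbing security-failed states: FC (confidentiality
# breached), FA (availability lost). SOJOURN holds mean hours spent per visit.
P = {
    "G": {"V": Fr(1)},
    "V": {"G": Fr(3, 5), "A": Fr(2, 5)},
    "A": {"G": Fr(1, 2), "FC": Fr(3, 10), "FA": Fr(1, 5)},
}
SOJOURN = {"G": Fr(100), "V": Fr(24), "A": Fr(2)}
TRANSIENT = ["G", "V", "A"]
ABSORBING = ["FC", "FA"]

def solve_linear(a, b):
    """Gauss-Jordan solve of a x = b over Fractions (a is a list of rows)."""
    n = len(a)
    m = [row[:] + [b[i]] for i, row in enumerate(a)]
    for col in range(n):
        piv = next(r for r in range(col, n) if m[r][col] != 0)
        m[col], m[piv] = m[piv], m[col]
        m[col] = [x / m[col][col] for x in m[col]]
        for r in range(n):
            if r != col and m[r][col] != 0:
                f = m[r][col]
                m[r] = [x - f * y for x, y in zip(m[r], m[col])]
    return [row[n] for row in m]

def expected_visits(start):
    """Expected number of visits to each transient state before absorption.
    Solves t = e_start + t Q, i.e. (I - Q)^T t = e_start, where Q is the
    transient-to-transient block of the embedded DTMC."""
    n = len(TRANSIENT)
    a = [[Fr(int(i == j)) - P[TRANSIENT[j]].get(TRANSIENT[i], Fr(0))
          for j in range(n)] for i in range(n)]
    b = [Fr(int(s == start)) for s in TRANSIENT]
    return dict(zip(TRANSIENT, solve_linear(a, b)))

def mttsf(start="G"):
    """Mean time to security failure: expected visits weighted by mean sojourn."""
    t = expected_visits(start)
    return sum(t[s] * SOJOURN[s] for s in TRANSIENT)

def failure_probabilities(start="G"):
    """Probability of being absorbed into each security failed state."""
    t = expected_visits(start)
    return {f: sum(t[s] * P[s].get(f, Fr(0)) for s in TRANSIENT) for f in ABSORBING}
```

With these values the system is expected to visit G and V five times and A twice before failing, giving an MTTSF of 624 hours and a 3/5 versus 2/5 split between the confidentiality and availability failures.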
