论文信息 - Simulation of Risk Propagation Model in Information Systems

Simulation of Risk Propagation Model in Information Systems

The existing risk propagation models are limited and inadequate in analyzing cyber attacks caused by various threats in information systems, because it has focus on only a specific threat such as a virus or a worm. Therefore, risk propagation model based on the Markov process is proposed, which can be applied to diverse threats in information systems. The proposed model enables us to predict the occurrence probability and occurrence frequency for each threat in the information system. In this paper, in order to verify the proposed model, the simulations are performed using several scenarios.

Soo-Hyun Park | Dongwon Jeong | Doo-Kwon Baik | Young-Gab Kim

[1] Kishor S. Trivedi. Probability and Statistics with Reliability, Queuing, and Computer Science Applications , 1984 .

[2] Roy D. Yates,et al. Probability and stochastic processes , 1998 .

[3] Doo-Kwon Baik,et al. A Probabilistic Approach to Estimate the Damage Propagation of Cyber Attacks , 2005, ICISC.

[4] G. Stoneburner,et al. Risk Management Guide for Information Technology Systems: Recommendations of the National Institute of Standards and Technology , 2002 .

[5] Averill M. Law,et al. Simulation Modeling and Analysis , 1982 .