The Survivability of Network Systems: An Empirical Analysis

Abstract : This report presents an extended analysis of CERT Coordination Center incidents data (from 1988 to 1995) and applies the results to simulate attacks and their impacts on network sites. The data were "sanitized" prior to the analysis to ensure complete anonymity. A model for the incidents process is discussed and extended. It consists of three parts: a stochastic process for the random occurrence of incidents at sites, a model for the state transition process for an attacked system given a level of defense, and a method of estimating the expected survivability of the system given possible degradations due to these attacks. This approach leads to the estimation of a survivability/cost function, which shows the tradeoffs involved between cost and system survivability. IS managers can use this to determine the most appropriate level of defense for the network systems of their organizations. The stochastic process was simulated based on parameter values obtained from actual reported data. Extensive sensitivity analyses are reported that indicate how expected survivability would change with varying parameter analysis results values. The report concludes with a discussion of future work to be done and the appendix has details of the simulation model and further data.

[1]  Carol A. Siegel,et al.  Internet Security for Business , 1996 .

[2]  Nancy R. Mead,et al.  Survivable Network Systems: An Emerging Discipline , 1997 .

[3]  John D. Howard,et al.  An analysis of security incidents on the Internet 1989-1995 , 1998 .

[4]  Averill M. Law,et al.  Simulation Modeling and Analysis , 1982 .

[5]  Suresh L. Konda,et al.  A Simulation Model for Managing Survivability of Networked Information Systems , 2000 .

[6]  Debra Cameron E-commerce Security Strategies: Protecting the Enterprise , 1998 .

[7]  Richard H. Baker Network Security: How to Plan for It and Achieve It , 1994 .

[8]  Fred Cohen,et al.  Simulating cyber attacks, defences, and consequences , 1999, Comput. Secur..

[9]  Donald L. Snyder,et al.  Random Point Processes in Time and Space , 1991 .

[10]  Dieter Gollmann,et al.  Computer Security , 1979, Lecture Notes in Computer Science.

[11]  Eiji Oki,et al.  Some new survivability measures for network analysis and design , 1997 .

[12]  David A. Fisher,et al.  Emergent algorithms-a new method for enhancing survivability in unbounded systems , 1999, Proceedings of the 32nd Annual Hawaii International Conference on Systems Sciences. 1999. HICSS-32. Abstracts and CD-ROM of Full Papers.

[13]  Gerald L. Kovacich I-way robbery: Crime on the internet , 1999, Comput. Secur..

[14]  Nancy R. Mead,et al.  Requirements definition for survivable network systems , 1998, Proceedings of IEEE International Symposium on Requirements Engineering: RE '98.

[15]  Thomas A. Longstaff,et al.  A common language for computer security incidents , 1998 .

[16]  李幼升,et al.  Ph , 1989 .