Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security
Authors
Abstract
This paper presents the results of an experiment in security evaluation. The system is modeled as a privilege graph that exhibits its security vulnerabilities. Quantitative measures that estimate the effort an attacker might expend to exploit these vulnerabilities to defeat the system security objectives are proposed. A set of tools has been developed to compute such measures and has been used in an experiment to monitor a large real system for nearly two years. The experimental results are presented and the validity of the measures is discussed. Finally, the practical usefulness of such tools for operational security monitoring is shown and a comparison with other existing approaches is given.
Similar resources
Models and tools for quantitative assessment of operational security
This paper proposes a novel approach to help computing system administrators in monitoring the security of their systems. The approach is based on modeling the system as a privilege graph exhibiting operational security vulnerabilities and on transforming this privilege graph into a Markov chain corresponding to all possible successful attack scenarios. A set of tools has been developed to supp...
Quantitative Assessment of Operational Security: Models and Tools*
This paper proposes a novel approach to help computing system administrators in monitoring the security of their systems. This approach is based on modeling the system as a privilege graph exhibiting operational security vulnerabilities and on transforming this privilege graph into a Markov chain corresponding to all possible successful attack scenarios. A set of tools has been developed to gen...
Featherweight Firefox: Formalizing the Core of a Web Browser
We offer a formal specification of the core functionality of a web browser in the form of a small-step operational semantics. The specification accurately models the asynchronous nature of web browsers and covers the basic aspects of windows, DOM trees, cookies, HTTP requests and responses, user input, and a minimal scripting language with first-class functions, dynamic evaluation, and AJAX req...
Risk Analysis and Economic Load Dispatch Evaluation of Network with High Wind Power Penetration
This study is based on an investigation of integrating wind power into a conventional power system, with its impact on fossil fuel generators and their generation management. Wind power, as an environmentally friendly energy source, can reduce the operational cost of the system because no cost is considered for energizing the generator, in comparison with fossil fuel generators. However due to unpredictable nature...
On-Line Monitoring: A Tutorial
Although monitoring has been around since the early 1960s with the advent of debuggers, the field has recently made some exciting advances. Monitoring systems today monitor distributed applications and are often themselves distributed. In addition, they are increasingly seen as a viable solution to areas of growing concern: lack of dependability and tools to support distributed applicat...
Journal title:
- IEEE Trans. Software Eng.
Volume 25, Issue
Pages -
Publication date 1999