@article{10.1109/32.815323,
author = {Rodolphe Ortalo and Yves Deswarte and Mohamed Kaaniche},
title = {Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security},
journal = {IEEE Transactions on Software Engineering},
volume = {25},
number = {5},
year = {1999},
issn = {0098-5589},
pages = {633--650},
doi = {http://doi.ieeecomputersociety.org/10.1109/32.815323},
abstract = {This paper presents the results of an experiment in security evaluation. The system is modeled as a privilege graph that exhibits its security vulnerabilities. Quantitative measures that estimate the effort an attacker might expend to exploit these vulnerabilities to defeat the system security objectives are proposed. A set of tools has been developed to compute such measures and has been used in an experiment to monitor a large real system for nearly two years. The experimental results are presented and the validity of the measures is discussed. Finally, the practical usefulness of such tools for operational security monitoring is shown and a comparison with other existing approaches is given.},
keywords = {Security assessment, operational vulnerabilities, privilege graph, quantitative evaluation}
}
@article{1335465,
title = {Basic concepts and taxonomy of dependable and secure computing},
author = {Avizienis, A. and Laprie, J.-C. and Randell, B. and Landwehr, C.},
journal = {IEEE Transactions on Dependable and Secure Computing},
year = {2004},
month = {Jan--March},
volume = {1},
number = {1},
pages = {11--33},
keywords = { data privacy, fault tolerant computing, security of data, software reliability, system recovery dependable computing, fault forecasting, fault prevention, fault removal, fault tolerance, secure computing, system attacks, system availability, system failures, system integrity, system maintainability, system reliability, system safety, system security, system vulnerabilities, taxonomy},
doi = {http://dx.doi.org/10.1109/TDSC.2004.2},
issn = {1545-5971},
abstract = {This paper gives the main definitions relating to dependability, a generic concept including a special case of such attributes as reliability, availability, safety, integrity, maintainability, etc. Security brings in concerns for confidentiality, in addition to availability and integrity. Basic definitions are given first. They are then commented upon, and supplemented by additional definitions, which address the threats to dependability and security (faults, errors, failures), their attributes, and the means for their achievement (fault prevention, fault tolerance, fault removal, fault forecasting). The aim is to explicate a set of general concepts, of relevance across a wide range of situations and, therefore, helping communication and cooperation among a number of scientific and technical communities, including ones that are concentrating on particular types of system, of system failures, or of causes of system failures.}
}
@inproceedings{10.1109/RISP.1990.63859,
author = {L. Todd Heberlein and Gihan V. Dias and Karl N. Levitt and Biswanath Mukherjee and Jeff Wood and David Wolber},
title = {A Network Security Monitor},
booktitle = {IEEE Symposium on Security and Privacy},
year = {1990},
month = {May},
pages = {296--304},
keywords = {local area networks, security of dataEthernet, hierarchical model, host-based intrusion-detection systems, local area network, network resources, network security monitor, single broadcast LAN},
doi = {http://doi.ieeecomputersociety.org/10.1109/RISP.1990.63859},
abstract = {The study of security in computer networks is a rapidly growing area of interest because of the proliferation of networks and the paucity of security measures in most current networks. Since most networks consist of a collection of inter-connected local area networks (LANs), this paper concentrates on the security-related issues in a single broadcast LAN such as Ethernet. We formalize various possible network attacks. Our basic strategy is to develop profiles of usage of network resources and then compare current usage patterns with the historical profile to determine possible security violations. Thus, our work is similar to the host-based intrusion-detection systems such as SRI's IDES [9]. Different from such systems, however, is our use of a hierarchical model to refine the focus of the intrusion-detection mechanism. We also report on the development of our experimental LAN monitor currently under implementation. Several network attacks have been simulated and results on how the monitor has been able to detect these attacks are also analyzed. Initial results demonstrate that many network attacks are detectable with our monitor, although it can surely be defeated. Current work is focusing on the integration of network monitoring with host-based techniques.}
}
@inproceedings{DBLP:conf/fskd/Savola06,
author = {Reijo Savola},
title = {Towards Security Evaluation Based on Evidence Collection},
booktitle = {Proceedings of the 3rd International Conference on Fuzzy Systems and Knowledge Discovery (FSKD)},
year = {2006},
pages = {1178--1181},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = {4223},
doi = {http://dx.doi.org/10.1007/11881599_146},
abstract = {Information security evaluation of software-intensive systems typically relies heavily on the experience of the security professionals. Obviously, automated approaches are needed in this field. Unfortunately, there is no practical approach to carrying out security evaluation in a systematic way. We introduce a general-level holistic framework for security evaluation based on security behavior modeling and security evidence collection, and discuss its applicability to the design of security evaluation experimentation set-ups in real-world systems.}
}
@article{10.1109/32.588541,
author = {Erland Jonsson and Tomas Olovsson},
title = {A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior},
journal = {IEEE Transactions on Software Engineering},
volume = {23},
number = {4},
year = {1997},
month = {April},
pages = {235--245},
doi = {http://doi.ieeecomputersociety.org/10.1109/32.588541},
keywords = {authorisation, computer crime, message authentication, social aspects of automationalleged attacker, attacker behavior, attacking process, computer security, conceptual framework, empirical data, external attacks, innovative attack phase, intrusion experiments, learning phase, operational security, preventive security, quantitative model, quantitative terms, reliability modeling, security intrusion process, standard attack phase},
abstract = {This paper is based on a conceptual framework in which security can be split into two generic types of characteristics, behavioral and preventive. Here, preventive security denotes the system's ability to protect itself from external attacks. One way to describe the preventive security of a system is in terms of its interaction with the alleged attacker, i.e., by describing the intrusion process. To our knowledge, very little is done to model this process in quantitative terms. Therefore, based on empirical data collected from intrusion experiments, we have worked out a hypothesis on typical attacker behavior. The hypothesis suggests that the attacking process can be split into three phases: the learning phase, the standard attack phase, and the innovative attack phase. The probability for successful attacks during the learning and innovative phases is expected to be small, although for different reasons. During the standard attack phase it is expected to be considerably higher. The collected data indicates that the breaches during the standard attack phase are statistically equivalent and that the times between breaches are exponentially distributed. This would actually imply that traditional methods for reliability modeling could be applicable.}
}
@inbook{MaConcepcion2007,
author = {Chunyan Ma and Arturo Concepcion},
title = {Technologies for Business Information Systems},
chapter = {A Security Evaluation Model for Multi-Agent Distributed Systems},
publisher = {Springer Netherlands},
year = {2007},
doi = {http://dx.doi.org/10.1007/1-4020-5634-6},
month = {May},
pages = {403--415}
}
@mastersthesis{BondPahlsson2004,
author = {Bond, Anders and Pahlsson, Nils},
title = {A Quantitative Evaluation Framework for Component Security in Distributed Information Systems},
school = {Linkoping University, Department of Electrical Engineering},
year = {2004},
type = {Undergraduate thesis Y-level (Information Theory)},
url = {http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-2410},
keywords = {Quantitative, Security Evaluation, Threat Assessment, Distributed Information Systems, Common Criteria, Evaluation Framework, Component Security
},
abstract = {The Heimdal Framework presented in this thesis is a step towards an unambiguous framework that reveals the objective strength and weaknesses of the security of components. It provides a way to combine different aspects affecting the security of components - such as category requirements, implemented security functionality and the environment in which it operates - in a modular way, making each module replaceable in the event that a more accurate module is developed.\par The environment is assessed and quantified through a methodology presented as a part of the Heimdal Framework. The result of the evaluation is quantitative data, which can be presented with varying degrees of detail, reflecting the needs of the evaluator. \par The framework is flexible and divides the problem space into smaller, more accomplishable subtasks with the means to focus on specific problems, aspects or system scopes. The evaluation method is focusing on technological components and is based on, but not limited to, the Security Functional Requirements (SFR) of the Common Criteria.}
}
This file was generated by bibtex2html 1.96.