Change search
ReferencesLink to record
Permanent link

Direct link
Assessing Security Risk to a Network Using a Statistical Model of Attacker Community Competence
RISE, Swedish ICT, SICS. IAM.
Number of Authors: 1
2009 (English)Conference paper (Refereed)
Abstract [en]

We propose a novel approach for statistical risk modeling of network attacks that lets an operator perform risk analysis using a data model and an impact model on top of an attack graph in combination with a statistical model of the attacker community exploitation skill. The data model describes how data flows between nodes in the network -- how it is copied and processed by softwares and hosts -- while the impact model models how exploitation of vulnerabilities affects the data flows with respect to the confidentiality, integrity and availability of the data. In addition, by assigning a loss value to a compromised data set, we can estimate the cost of a successful attack. The statistical model lets us incorporate real-time monitor data from a honeypot in the risk calculation. The exploitation skill distribution is inferred by first classifying each vulnerability into a required exploitation skill-level category, then mapping each skill-level into a distribution over the required exploitation skill, and last applying Bayesian inference over the attack data. The final security risk is thereafter computed by marginalizing over the exploitation skill.

Place, publisher, year, edition, pages
2009, 6. , 17 p.
Keyword [en]
Intrusion detection, Risk analysis, Network security, Security metrics
National Category
Computer and Information Science
Identifiers
URN: urn:nbn:se:ri:diva-23660OAI: oai:DiVA.org:ri-23660DiVA: diva2:1042737
Conference
Eleventh International Conference on Information and Communications Security (ICICS 2009)
Projects
MONDISCNS
Note
The original publication is available at www.springerlink.com.Available from: 2016-10-31 Created: 2016-10-31

Open Access in DiVA

fulltext(299 kB)2 downloads
File information
File name FULLTEXT01.pdfFile size 299 kBChecksum SHA-512
1986cbe6cab8352b6b06a42f93294bbdf0a634887090f0a2c3784a931b2e2d2438f3df032d4467f43a937611c05e4f54fcde661aa64efb891a56fa15fabe05d6
Type fulltextMimetype application/pdf

Other links

http
By organisation
SICS
Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 2 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 3 hits
ReferencesLink to record
Permanent link

Direct link