Adversary-driven state-based system security evaluation

Elizabeth LeMay, Willard Unkenholz, Donald Parks, Carol Muehrcke, Ken Keefe, William H. Sanders

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

To provide insight on system security and aid decision-makers, we propose the ADversary VIew Security Evaluation (ADVISE) method to quantitatively evaluate the strength of a system's security. Our approach is to create an executable state-based security model of a system. The security model is initialized with information characterizing the system and the adversaries attacking the system. The model then simulates the attack behavior of the adversaries to produce a quantitative assessment of system security strength. This paper describes the system and adversary characterization data that are collected as input for the executable model. This paper also describes the simulation algorithms for adversary attack behavior and the computation for the probability that an attack attempt is successful. A simple case study illustrates how to analyze system security using the ADVISE method. A tool is currently under development to facilitate automatic model generation and simulation. The ADVISE method aggregates security-relevant information about a system and its adversaries to produce a quantitative security analysis useful for holistic system security decisions.

Original languageEnglish (US)
Title of host publication6th International Workshop on Security Measurements and Metrics, MetriSec 2010
DOIs
StatePublished - 2010
Event6th International Workshop on Security Measurements and Metrics, MetriSec 2010 - Bolzano, Italy
Duration: Sep 15 2010Sep 15 2010

Publication series

Name6th International Workshop on Security Measurements and Metrics, MetriSec 2010

Other

Other6th International Workshop on Security Measurements and Metrics, MetriSec 2010
CountryItaly
CityBolzano
Period9/15/109/15/10

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality

Cite this