Abstract
It is important for trusted intranets to focus on network security as a whole with dynamic and formalized analysis. The qualitative and current quantitative methods have difficulties to reach the requirements. After analyzing the attacking process, a Jackson network-based model with absorbing states is proposed, where the absorbing states mean the attacks succeed or fail. We compute the steady-state joint probability distribution of network nodes, the mean time of attack data spent in network, and the probabilities from the network entry node to absorbing states. According to the analysis of the above measures, we analyze the relationship between network security and performance.
This work is supported by a grant from Hubei Provincial Natural Science Foundation (No. 2004ABA018), and Science and Technology Program of Hubei Provincial Department of Education (No. 2004D005), and Science and Technology Program of Hubei Provincial Department of Education (No. D200523007).
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Zhang, Y.R., Xian, M., Zhao, Z.C., Xiao, S.P., Wang, G.Y.: A study on the evaluation technology of the attack effect of computer networks. Guofang Keji Daxue Xue-bao/Journal of National Journal of National University of Defense Technology 24(5), 24–28 (2002) (Chinese)
Jonsson, E., Olovsson, T.: A quantitative model of the security intrusion process based on attacker behavior. IEEE Transactions on Software Engineering 23(4), 235–245 (1997)
Butler, S.A.: Security attribute evaluation method: a cost-benefit approach. In: Proc. of International Conference on Software Engineering, May 2002, pp. 232–240 (2002)
Madan, B.B., Goseva-Popstojanova, K., Vaidyanathan, K., Trivedi, K.S.: Modeling and quantification of security attributes of software systems. In: Proc. of International Conference on Dependable Systems and Networks, pp. 505–514 (June 2002)
Medhi, J.: Stochastic processes. Wiley, New York (1994)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Xiang, Z., Chen, Y., Jian, W., Yan, F. (2005). A Jackson Network-Based Model for Quantitative Analysis of Network Security. In: Kantor, P., et al. Intelligence and Security Informatics. ISI 2005. Lecture Notes in Computer Science, vol 3495. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11427995_52
Download citation
DOI: https://doi.org/10.1007/11427995_52
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25999-2
Online ISBN: 978-3-540-32063-0
eBook Packages: Computer ScienceComputer Science (R0)