Abstract
This article presents the effort to model the computer system security using Stochastic Activity Network (SAN). SAN is a flexible and highly adaptable branch of Stochastic Petri Nets and has a well-developed software tool, Möbius. A known model of incident process and the computer system is adapted and extended. The computer system characterised by the working state and defence mechanism strength is affected by an attack described by using stochastically distributed severity levels. The attempt to bind a stochastic attack severity level to intrusion data parameters collected by Intrusion Detection Systems is presented. The model-based computer system quantitative characteristics are analysed and survivability is chosen to evaluate the modelled computer system security. The article concludes with simulation results and future work guidelines.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Cohen, F.: Simulating Cyber Attacks, Defenses, and Consequences. IFIP TC-11. Computers and Security (1999), http://all.net/journal/ntb/simulate/simulate.html
Moitra, S.D., Konda, S.L.: A Simulation Model for Managing Survivability of Networked Information Systems. Networked survivable systems. CMU/SEI-2000-TR-020, p. 47 (2000)
Moitra, S.D., Konda, S.L.: The Survivability of Network Systems: An Empirical Analysis. CMU/SEI-2000-TR-021, p. 41 (2000)
Gupta, V., Lam, V., Ramasamy, H.V., Sanders, W.H., Singh, S.: Stochastic Modeling of Intrusion-Tolerant Server Architectures for Dependability and Performance Evaluation, p. 86 (2003)
Formal methods Europe: http://www.fmeurope.org/
Virtual library: formal methods: http://vl.fmnet.info/
Simulaworks: http://mathtools.softlock.net/
TimeNET: http://pdv.cs.tu-berlin.de/~timenet/
Sanders, W.H.: Möbius: Model-Based Environment for Validation of System Reliability, Availability, Security, and Performance. User Manual. Version 1.8.0, p. 212 (2005)
Sanders, W.H.: Construction and Solution of Performability models based on Stochastic Activity Networks. Ph.D thesis, University of Michigan, p. 223 (1988)
Sanders, W.H., Meyer, J.F.: Stochastic Activity Networks: Formal Definitions and Concepts. In: Brinksma, E., Hermanns, H., Katoen, J.-P. (eds.) EEF School 2000 and FMPA 2000. LNCS, vol. 2090, pp. 315–343. Springer, Heidelberg (2001)
Williamson, L.: Discrete Event Simulation in the Möbius Modeling Framework. Master’s Thesis. University of Illinois, p. 63 (1998)
Avizienis, A., Laprie, J.C., Randell, B.: Basic concepts and taxonomy of dependable and secure computing. Dependable and Secure Computing 1, 11–33 (2004)
Stevens, F., Courtney, T., Singh, S., Agbaria, A., Meyer, J.F., Sanders, W.H., Pal, P.: Model-Based Validation of an Intrusion-Tolerant Information System. In: Proc. 23rd Symp. Reliable Distributed Systems, p. 11 (2004)
Sanders, W.H., Meyer, J.F.: A unified approach for specifying measures of Performance, dependability, and performability. In: Dependable Computing for Critical Applications. Dependable Computing and Fault-Tolerant Systems, vol. 4, pp. 215–237. Springer, Heidelberg (1991)
Baker, A., Beale, J., Caswell, B.: Snort 2.1 Intrusion Detection, 2nd edn., p. 751. Syngress (2004)
Howard, J.D.: An analysis of security incidents on the Internet, 1989-1995. Ph.D thesis, Carnegie Mellon University, Department of Engineering and Public Policy (1997), http://www.cert.org/research/JHThesis/table_of_contents.html
Paulauskas, N., Garsva, E.: Computer System Attack Classification. Electronics and Electrical Engineering, Technology, Kaunas 2(66), 84–87 (2006)
What Are the Most Dangerous Internet Services?: http://www.cisco.com/warp/public/146/news_cisco/ekits/vulnerability_report.pdf
Distributed Intrusion Detection System Reports and Database Summaries: http://www.dshield.org/reports.php
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Garsva, E. (2006). Computer System Survivability Modelling by Using Stochastic Activity Network. In: Górski, J. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2006. Lecture Notes in Computer Science, vol 4166. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11875567_6
Download citation
DOI: https://doi.org/10.1007/11875567_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-45762-6
Online ISBN: 978-3-540-45763-3
eBook Packages: Computer ScienceComputer Science (R0)