Abstract
For analyzing computer system security, the system visitor could be classified into five kinds by his privilege to access system resource, and presented the model base on privilege escalation. The attacker can enhance his privilege by exploiting vulnerability, according to distribution of vulnerabilities privilege set, we could construct fault tree to reflect distinctly potential attack path, and so this method could quantificational express security state at different security policy via analyzing fault tree.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
CERT/CC.: CERT/CC Statistics (1988-2003), Available online at http://www.cert.org/stats/cert_stats.html#vulnerabilities
de Vivo, M., Carrasco, E.: A review of port scanning techniques. ACM SIGCOMM Computer Communication Review 29(2), 41–48 (1999)
NMAP (2004), http://www.insecure.org/nmap/index.html
Arkin, O.: ICMP Usage in Scanning, Version 3.0 (June 2003)
ISS (2004), http://www.iss.com/
Ortalo, R., Deswarte, Y.: Affiliate: Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security. IEEE Transactions on Software Engineering 25(5), 633–650 (1999)
Ramakrishnan, C., Sekar, R.: Model-based analysis of configuration vulnerabilities. Journal of Computer Security 10(1-2), 189–209 (2002)
Yuan, W., Fan, J., Guo-liang, C.: A Network Security Analysis Method Research and Application Based on Graph Theory. Mini-Micro Systems 24(10), 1865–1869 (2003)
Longstaff, T.: Update: Cert/cc vulnerability knowledgebase. In: Technical presentation at a DARPA workshop in Savannah, Georgia (February 1997)
Littlewood, B., Brocklehurst, S., Fenton, N., Mellor, P., Page, S.: Towards Operational Measures of Computer Security. Journal of Computer Security 2(2/3), 211–229 (1993)
Xu-jia, X., Chuang, L., Yi-xin, J.: A Survey of Computer Vulnerability Assessment. Chinese Journal of Computers 27, 1–11 (2004)
Li-dong, W.: Quantitative Security Risk Assessment Method for Computer System and Network. Ph.D.thesis, Harbin Institute of Technology, 3 (2002)
Yong-zheng, Z., Xiao-chun, Y.: A New Vulnerbality Taxomomy Based on Privilege Escalation. In: 2004 Sixth Internatioan Conference on Enterprise Information Systems Proceedings. Porto: INSTICC (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, T., Hu, M., Yun, X., Zhang, Y. (2005). Computer Vulnerability Evaluation Using Fault Tree Analysis. In: Deng, R.H., Bao, F., Pang, H., Zhou, J. (eds) Information Security Practice and Experience. ISPEC 2005. Lecture Notes in Computer Science, vol 3439. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31979-5_26
Download citation
DOI: https://doi.org/10.1007/978-3-540-31979-5_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25584-0
Online ISBN: 978-3-540-31979-5
eBook Packages: Computer ScienceComputer Science (R0)