Skip to main content
SpringerLink
Log in

Modeling and Simulation for Security Risk Propagation in Critical Information Systems

  • Conference paper
Computational Intelligence and Security (CIS 2006)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 4456))

Included in the following conference series:

Abstract

Existing risk propagation models are limited and inadequate for the analysis of cyber attacks caused by various threats to information systems, because of their limited focus only on one specific threat, such as a single virus or worm. Therefore, we herein propose a risk propagation model based on the Markov process, which can be applied to diverse threats to information systems. Furthermore, simulations including in case a threat occurs related with other threats are performed using five scenarios to verify the proposed model.

"This research was supported by the MIC (Ministry of Information and Communication), Korea, under the ITRC (Information Technology Research Center) support program supervised by the IITA (Institute of Information Technology Advancement)" (IITA-2006-(C1090-0603-0025)).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. In, H.P., Kim, Y.-G., Lee, T., Moon, C.-J., Jung, Y.-J., Kim, I., Baik, D.-K.: A Security Analysis Model for Information Systems. In: Baik, D.-K. (ed.) Systems Modeling and Simulation: Theory and Applications. LNCS (LNAI), vol. 3398, pp. 505–513. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  2. Stoneburner, G., Goguen, A., Feringa, A.: Risk Management Guide for Information Technology Systems, NIST Special Publication 800–830. NIST (2002)

    Google Scholar 

  3. GAO: Information Security Risk Assetment-Practices of Leading Organizations. GAO/AIMD-00-33 (1999)

    Google Scholar 

  4. Kim, Y.-G, Lee, T., In, H.P., Jung, Y.-J., Kim, I., Baik, D.-K.: A Probabilistic Approach to Estimate the Damage Propagation of Cyber Attacks. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 175–185. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  5. Kim, Y.-G., Jeong, D., Park, S.-H., Baik, D.-K.: Simulation of Risk Propagation Model in Information Systems. In: Proc. of the 2006 International Conference on Computational Intelligence and Security (CIS 2006), pp. 1555–1558. IEEE Computer Society Press, Los Alamitos (2006)

    Chapter  Google Scholar 

  6. Kishor, S.: Trivedi: Probability and Statistics with Reliability, Queuing and Computer Science Applications, 2nd edn. Wiley Interscience, Chichester (2002)

    Google Scholar 

  7. Roy, D., Yates, D.J.: Goodman: Probability and Stochastic Process, 2nd edn. Wiley International Edition, Chichester (2003)

    Google Scholar 

  8. KISA: Statistics and Analysis on Hacking and Virus, http://www.krcert.or.kr

  9. Law, A., Kelton, W.: Simulation Modeling and Analysis, 3rd edn. McGraw-Hill Higher Education, New York (2000)

    Google Scholar 

  10. Frauenthal, J.C.: Mathematical Modeling in Epidemiology. Springer, New York (1980)

    MATH  Google Scholar 

  11. Deley, D.J., Gani, J.: Epidemic Modeling: An Introduction. Cambridge University Press, Cambridge (1999)

    Google Scholar 

  12. Staniford, S., Paxson, V., Weaver, N.: How to Own the Internet in Your Spare Time. In: Proc. of the 11th USENIX Security Symposium (Security02) (2002)

    Google Scholar 

  13. Zou, C.C., Gong, W., Towsley, D.: Worm Propagation Modeling and Analysis under Dynamic Quarantine Defense. In: Proc. of the ACM CCS Workshop on Rapid Malcode (WORM 2003) (2003)

    Google Scholar 

  14. Zou, C.C., Gong, W., Towsley, D.: Code Red Worm Propagation Modeling and Analysis. In: Proc. of the 9th ACM Conference on Computer and Communications Security, pp. 138–147. ACM Press, New York (2002)

    Chapter  Google Scholar 

  15. Moore, D., Shannon, C., Voelker, G.M., Savage, S.: Internet Quarantine: Requirements for Containing Self-Propagating Code. In: Proc. of the proceedings of IEEE INFOCOM, IEEE Computer Society Press, Los Alamitos (2003)

    Google Scholar 

  16. Chen, Z., Gao, L., Kwiat, K.: Modeling the Spread of Active Worms. In: Proc. of the proceedings of IEEE INFOCOM 2003, IEEE Computer Society Press, Los Alamitos (2003)

    Google Scholar 

  17. Vogt, T.: Simulating and Optimising Worm Propagation Algorithms (2003), http://web.lemuria.org/security/WormPropagation.pdf

Download references

Author information

Authors and Affiliations

  1. Graduate School of Information Management and Security, Center for Information Security Technologies (CIST), Korea University, 1, 5-ga, Anam-dong, SungBuk-gu, 136-701, Seoul, Korea

    Young-Gab Kim & Jongin Lim

  2. Dept.of Informatics & Statistics, Kunsan National University, San68, Miryong-dong, Gunsan, Jeolabuk-do, 573-701, Korea

    Dongwon Jeong

  3. School of Business IT, Kookmin University, 861-1, Chongnung-dong. SungBuk-gu, Seoul, Postfach 136-702, Korea

    Soo-Hyun Park

  4. Department of Computer Science & Engineering, Korea University, 1, 5-ga, Anam-dong, SungBuk-gu, 136-701, Seoul, Korea

    Doo-Kwon Baik

Authors
  1. Young-Gab Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dongwon Jeong
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Soo-Hyun Park
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jongin Lim
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Doo-Kwon Baik
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Computer Science and Technology , Xidian University, 710071, Xi’an, China

    Yuping Wang

  2. Department of Computer Science , Hong Kong Baptist University, Hong Kong, China

    Yiu-ming Cheung

  3. Faculty of Applied Mathematics , Guangdong University of Technology, 5100006, Guangzhou, China

    Hailin Liu

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, YG., Jeong, D., Park, SH., Lim, J., Baik, DK. (2007). Modeling and Simulation for Security Risk Propagation in Critical Information Systems. In: Wang, Y., Cheung, Ym., Liu, H. (eds) Computational Intelligence and Security. CIS 2006. Lecture Notes in Computer Science(), vol 4456. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74377-4_90

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-74377-4_90

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-74376-7

  • Online ISBN: 978-3-540-74377-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation