Abstract
This paper describes a realistic intrusion experiment intended to investigate whether such experiments can yield data suitable for use in quantitative modelling of preventive security, which denotes the system's ability to protect itself from external intrusions. The target system was a network of Personal Computer clients connected to a server. A number of undergraduate students served as attackers and continuously reported relevant data with respect to their intrusion activities. This paper briefly describes the experiment and presents a compilation of all the types of data recorded. A first interpretation and classification of the data are made, and its possible use for modelling purposes is discussed. Summaries of breach parameters and a number of informtive diagrams and tables reflecting the intrusion process are presented.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
References
C. R. Attanasio. P. Markstein and R. J. Phillips: Penetrating an Operating System: A Study of VM/370 Integrity, IBM Systems J., 15 (1), pp. 102–16, 1976.
S. Brocklehurst, B. Littlewood, T. Olovsson and E. Jonsson: On Measurement of Operational Security, in COMPASS 94 (9th Annual IEEE Conference on Computer Assurance), (Gaithersburg), pp. 257–66, IEEE Computer Society, 1994.
D. E. Denning: An Intrusion-Detection model, IEEE Trans. Software Engineering, 12 (2), pp. 222–32, 1987.
P. D. Goldis: Questions and Answers about Tiger Team, EDPACS, The EDP Audit, Control and Security Newsletter, October 1989, Vol XVII, No. 4.
U. Gustafson, E. Jonsson, T. Olovsson: Security Evaluation of a PC Network based on Intrusion Experiments. In the Proceedings of the 14th International Congress on Computer and Communications Security, SECURICOM '96, 4–6 June 1996, Paris, France.
I. S. Herschberg: Make the Tigers Hunt for You, Computers and Security, 7, pp. 197–203, 1988.
Information Technology Security Evaluation Criteria (ITSEC), Provisional Harmonized Criteria, December 1993. ISBN 92-826-7024-4.
E. Jonsson, T. Olovsson: On the Integration of Security and Dependability in Computer Systems, IASTED International Conference on Reliability, Quality Control and Risk Assessment, Washington, Nov. 4–6, 1992. ISBN 0-88986-171-4, pp. 93–97.
E. Jonsson, M. Andersson: On the Quantitative Assessment of Behavioural Security. Presented at the Australasian Conference on Information Security and Privacy, 24–26 june 1996, Wollongong, Australia.
E. Jonsson, T. Olovsson: An Empirical Model of the Security Intrusion Process. In the Proceedings of the 11th Annual IEEE Conference on Computer Assurance, COMPASS '96, 17–21 June 1996, Gaithersburg, Maryland, USA.
B. Littlewood, S. Brocklehurst, N.E. Fenton, P. Mellor, S. Page, D. Wright, J.E. Dobson, J.A. McDermid and D. Gollmann: Towards operational measures of computer security, Journal of Computer Security, vol. 2, no. 3. 1994.
T. Olovsson, E. Jonsson, S. Brocklehurst, B. Littlewood: Towards Operational Measures of Computer Security: Experimentation and Modelling, in Predictably Dependable Computing Systems (editor B. Randell et al.), Springer Verlag, ISBN 3-540-59334-9, 1995.
Trusted Computer System Evaluation Criteria (“Orange Book”), National Computer Security Center, Department of Defense, No DOD 5200.28.STD, 1985.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1996 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gustafson, U., Jonsson, E., Olovsson, T. (1996). On the modelling of preventive security based on a PC network intrusion experiment. In: Pieprzyk, J., Seberry, J. (eds) Information Security and Privacy. ACISP 1996. Lecture Notes in Computer Science, vol 1172. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0023303
Download citation
DOI: https://doi.org/10.1007/BFb0023303
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-61991-8
Online ISBN: 978-3-540-49583-3
eBook Packages: Springer Book Archive