期刊文献+

入侵容忍系统安全属性分析 被引量:27

Security Attributes Analysis for Intrusion Tolerant Systems
下载PDF
导出
摘要 首先提出一个优化的系统状态转移模型,用以描述具有自我演进能力的入侵容忍系统的动态行为,并提高了对攻击行为的描述能力,以该模型为基础,建立SMP模型并对系统安全属性及可执行性进行定量分析,进而计算出系统平均安全故障时间(MTTSF);最后给出数值分析结果,并通过计算模型中时间参数的敏感度,得出入侵容忍技术研究的关键点. It is significant to analyze security attributes of intrusion tolerant system while we research the effects of intrusion tolerance technologies. The paper puts forward an optimized states transition model to characterize dynamic actions of the intrusion tolerant systems with self-evolutional capability. The model improves the capability to describe attack actions and characterizes the modality of systems efficiently. The authors build a semi Markov process based on the embedded Markov chain of the states transition model. Security attributes including availability and confidentiality and integrality are analyzed by computing steady states probability of Markov model. Associating a reward rate with every state of the model, performability of the system is also computed quantitatively. The mean time to security failure MTTSF is calculated afterwards by computing the visit counts and mean sojourn times of non-absorbing states in SMP model. Finally, numerical results are presented and sensitivity analysis of time parameters in the model is reckoned in order to educe the key research points of intrusion tolerance technology.
出处 《计算机学报》 EI CSCD 北大核心 2006年第8期1505-1512,共8页 Chinese Journal of Computers
基金 国家十五预研项目基金(41315.7.3)资助.
关键词 入侵容忍 安全属性 MTTSF SMP模型 可执行性 intrusion tolerance security attribute mean time to security failure semi Markovprocess model performability
  • 相关文献

参考文献12

  • 1Allen J. , Christie A. , Fithen W. et al. State of the practice of intrusion detection technologies. Carnegie Mellon, SEI, Technical Report: CMU/SEI-99-TR-028, 2000
  • 2Fraga J. S. , Powell D.. A fault- and intrusion-tolerant file system. In: Proceedings of the 3rd International Conference on Computer Security, Dublin, Ireland, 1985, 203-218
  • 3Jonsson E. , Olovsson T.. A quantitative model of the security intrusion process based on attacker behavior. IEEE Transactions on Software Engineering, 1997, 23(4): 235-245
  • 4Gong F, , Goseva-PopstojanovaVaid-yanathan K. , Trivedi K. ,K., Wang F., Wang R.Muthusamy B.. Characterizing intrusion tolerant systems using a state transition model.In: Proceedings of the DARPA Information Survivability Conference and Exposition(DISCEX II), 2001, 2:211-221
  • 5Jha S. , Wing J. M.. Survivability analysis of networked systems. In: Proceedings of the 23rd International Conference on Software Engineering, Toronto, Canada, 2001, 307-317
  • 6Ortalo R. , Deswarte Y. , Kaaniche M.. Experimenting with quantitative evaluation tools for monitoring operational security. IEEE Transactions on Software Engineering, 1999, 25(5) :633-650
  • 7Sheyner O. , Haines J. , Jha S. , Lippmann R. , Wing J. M..Automated generation and analysis of attack graphs. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, USA, 2002, 273-284
  • 8Wang D. Z. , Madan B. B. , Trivedi K.S.. Modeling SITAR system security. In: Proceedings of the 14th IEEE International Symposium on Software Reliability Engineering, 2003, Denver, USA, C-2 Fast Abstracts
  • 9Madan B. B. , Goseva-Popstojanova K. , Vaidyanathan K. ,Trivedi K. S.. A method for modeling and quantifying the security attributes of intrusion tolerant systems. Performance Evaluation, 2004, 56(1-4): 167-186
  • 10Trivedi K.S.. Probability and Statistics with Reliability,Queuing, and Computer Science Applications. 2nd Edition.New York: John Wiley & Sons, 2002

同被引文献202

引证文献27

二级引证文献142

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部