Quantification of Security and Survivability

ITI Workshop on Dependability and Security, Urbana, Illinois
Kishor Trivedi
Department of Electrical and Computer Engineering, Duke University, Durham, NC 27708-0291
Email: kst@ee.duke.edu
Home page: www.ee.duke.edu/~kst

Outline
- Quantification of security
- Quantification of survivability

Security Quantification
Security attributes
- Integrity, confidentiality, availability
- Authentication, non-repudiation
Threats
- Design, physical, interaction faults
- Attacks
Security evaluation
- Qualitative assessment: checklists used as security evaluation criteria, tiger teams
- Quantitative assessment: based on a probabilistic approach

Related work
- Littlewood et al. explored the feasibility of probabilistic quantification of security
- Ortalo et al. used a privilege graph to model system operational security
- Jha et al. used an attack graph to model attacker behavior
- Singh et al. designed SAN (stochastic activity network) models for probabilistic validation of the security and performance of several intrusion-tolerant architectures
- Chen et al. analyzed vulnerabilities using a finite state machine model
- Jonsson et al. conducted experiments and presented a quantitative model of security intrusion based on attacker behavior
- Stevens et al. proposed probabilistic methods to model the DPASA (Designing Protection and Adaptation into a Survivable Architecture) architecture

Probabilistic Security Quantification
Our research publications
- Security analysis of SITAR Intrusion Tolerant System, ACM Workshop on Survivable and Self-Regenerative Systems, Oct. 2003
- A method for Modeling and Quantifying the Security Attributes of Intrusion Tolerant Systems, Performance Evaluation Journal, 2004
- Security modeling and quantification of intrusion tolerant systems using attack-response graph, Trusted Internet Workshop, Dec. 2003
Our approach: design a state transition diagram of the system's security states, and use Markov chains, semi-Markov processes, SRNs (stochastic reward nets) and attack-response graphs to develop high-fidelity models incorporating both attacker and system behavior.

SITAR Overview
- SITAR is an intrusion tolerant architecture developed jointly by MCNC and Duke
- SITAR uses spatial redundancy, diversity and adaptive reconfiguration to achieve intrusion tolerance
SITAR architecture
- Proxy modules (PM)
- Acceptance monitors (AM)
- Ballot monitors (BM)
- Audit control module (ACM)
- Adaptive reconfiguration module (ARM)
- COTS servers

Security Quantification of SITAR
[Figure: System security vs. attack rate, plotted for threat level 1 and threat level 3]
[Figure: Mean time to severe security failure vs. attack rate, plotted for threat level 1 and threat level 3]
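A minimal instance of the state-transition approach described above, added here as an example; it is not the SITAR model nor code from the talk. It assumes a hypothetical 5-state security CTMC (Good, Vulnerable, Active attack, Degraded, Failed) with illustrative rates, and solves it for the mean time to security failure (MTTSF) as a function of the attack rate, the quantity on the second plot.

```python
# Added example (not from the talk, not the SITAR model): a hypothetical
# 5-state security CTMC with a single absorbing security-failure state,
# solved for the mean time to security failure (MTTSF) as a function of
# the attack rate. All rates are illustrative, in events per unit time.

GOOD, VULNERABLE, ATTACK, DEGRADED, FAILED = range(5)

def generator(attack_rate, patch_rate, exploit_rate, mask_rate, fail_rate, reconfig_rate):
    """Infinitesimal generator Q of the security-state CTMC (hypothetical structure)."""
    q = [[0.0] * 5 for _ in range(5)]
    def rate(src, dst, r):
        q[src][dst] += r
        q[src][src] -= r
    rate(GOOD, VULNERABLE, attack_rate)     # a probe finds an exploitable weakness
    rate(VULNERABLE, GOOD, patch_rate)      # weakness is detected and removed first
    rate(VULNERABLE, ATTACK, exploit_rate)  # attacker exploits it
    rate(ATTACK, DEGRADED, mask_rate)       # intrusion tolerance masks the attack
    rate(ATTACK, FAILED, fail_rate)         # attack causes a security failure
    rate(DEGRADED, GOOD, reconfig_rate)     # adaptive reconfiguration restores service
    return q

def solve(a, b):
    """Gauss-Jordan elimination with partial pivoting; returns x with a x = b."""
    n = len(b)
    m = [row[:] + [b[i]] for i, row in enumerate(a)]
    for col in range(n):
        piv = max(range(col, n), key=lambda r: abs(m[r][col]))
        m[col], m[piv] = m[piv], m[col]
        for r in range(n):
            if r != col and m[r][col] != 0.0:
                f = m[r][col] / m[col][col]
                m[r] = [x - f * y for x, y in zip(m[r], m[col])]
    return [m[i][n] / m[i][i] for i in range(n)]

def mttsf(**rates):
    """Mean time to absorption in FAILED starting from GOOD: solve Q_T tau = -1,
    where Q_T is the generator restricted to the transient states."""
    q = generator(**rates)
    q_t = [row[:FAILED] for row in q[:FAILED]]
    tau = solve(q_t, [-1.0] * FAILED)
    return tau[GOOD]

def mttsf_vs_attack_rate(attack_rates, **other):
    """Curve analogous to the talk's 'mean time to security failure vs. attack rate' plot."""
    return [(lam, mttsf(attack_rate=lam, **other)) for lam in attack_rates]

if __name__ == "__main__":
    base = dict(patch_rate=0.5, exploit_rate=1.0, mask_rate=2.0, fail_rate=0.2, reconfig_rate=1.0)
    for lam, t in mttsf_vs_attack_rate([0.5, 1.0, 2.0, 4.0, 8.0], **base):
        print(f"attack rate {lam:4.1f} -> MTTSF {t:8.2f}")
```

Raising mask_rate relative to fail_rate is the model's expression of a stronger intrusion-tolerance mechanism, and the curve shows how much MTTSF that buys at each attack rate.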

Security Quantification Challenges
Appropriate modeling of cyber attackers
- Need to determine the appropriate level of detail/abstraction
- Need different attacker models for different purposes and attack classes
Comprehensive modeling for system-level security quantification
- Difficult to model certain security attributes, such as confidentiality and integrity, using probabilistic techniques
- Hard to comprehensively quantify a high-level security requirement spanning different security attributes using a single approach
Measurement techniques for model parameterization and validation
- Hard, careful work and significant time required for data collection

Survivability Quantification
Threats
- Natural disasters
- Man-made accidents
- Hardware/software faults
- Malicious attacks
Quantitative evaluation
- John Knight: a survivability specification is a four-tuple {E, R, P, M}, where E is the operating environment, R the tolerable service, P a pmf on R, and M a finite-state machine of state transitions (analogous to availability).
- Soung Liew: r-percentile survivability N_r is the probability that N is no greater than r% of the total resource (analogous to performability).
- T1A1.2 working group: survivability depicts the time-varying system performance after a failure occurs.

Our Survivability Research
Analysis approach
- Develop, parameterize, and solve Markov and non-Markov models including failure modes, traffic patterns, and resource contention.
- T1A1.2-based survivability measures do NOT depend on the disaster rate; this may be considered good, as the disaster rate is hard to quantify in practice.
Our publications
- Transient behavior of ATM networks under overloads, IEEE INFOCOM 96, pages 978-985, San Francisco, CA, March 1996.
- Network survivability performance evaluation: a quantitative approach with applications in wireless ad-hoc networks, ACM International Workshop on Modeling, Analysis and Simulation of Wireless and Mobile Systems (MSWiM '02), Atlanta, GA, September 2002.
- A general framework of survivability quantification, Proc. of 12th GI/ITG Conf. on Measuring, Modelling and Evaluation of Computer and Communication Systems (MMB 04).
- Survivability analysis of telephone access network, Proc. of 15th IEEE International Symposium on Software Engineering (ISSRE 04).

Availability and performance models
[Figure: pure performance model, a birth-death chain with states 0, 1, 2, ..., n-1, n; arrival rate λ from each state to the next, and departure rate kµ (µ, 2µ, 3µ, ..., nµ) from state k back to state k-1]
- Pure performance model: used to compute the blocking probability in each state of the availability model
- Pure availability model

Survivability Model and Results
[Figure: availability model in which every failure state carries P_bk = 1 and the normal-operation state carries P_bk = 0.0079366; the failure is forced by making the failed state the initial state and the normal-operation state absorbing]
[Figure: survivability results, the blocking probability P_bk(t) decaying from 1 to 0.0079366; T_R: relaxation time]

Excess Loss Due to Failure (ELF)
- ELF: a survivability measure reflecting the total loss before the system is recovered
[Figure: P_bk(t) above its pre-failure value P_bk(t=0); the shaded area between the two curves is the excess blocking]
Dropped calls + Excess blocked calls = ELF
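The hierarchical composition of the three preceding slides, carried through as an added example (not code from the talk or the ISSRE paper): a hypothetical three-state availability chain (failed, detected, normal) carries P_bk = 1 in its outage states and the Erlang-B blocking of the pure M/M/c/c performance model in its normal state; the failure is forced by starting in the failed state with normal operation absorbing, and the transient P_bk(t) gives the relaxation time T_R and ELF as dropped calls plus excess blocked calls. Channel count, call rates and the detect/repair rates are illustrative values, not figures from the paper.

```python
# Added example (not from the talk or the ISSRE paper): a hierarchical
# survivability model in the style of the slides above. A hypothetical
# 3-state availability CTMC (failed -> detected -> normal) carries a blocking
# probability per state: P_bk = 1 in the outage states, and the Erlang-B
# blocking of the pure performance model (M/M/c/c loss system) in the
# normal state. The failure is forced by starting in the failed state; the
# normal state is absorbing. All parameter values are illustrative.

def erlang_b(channels, offered_load):
    """Steady-state blocking probability of an M/M/c/c loss system (Erlang-B recursion)."""
    b = 1.0
    for k in range(1, channels + 1):
        b = offered_load * b / (k + offered_load * b)
    return b

def survivability_metrics(channels, arrival_rate, hold_time, detect_rate, repair_rate,
                          dt=0.001, horizon=40.0, eps=1e-3):
    """Transient P_bk(t) after a forced failure, relaxation time T_R and ELF.
    Rates and times share one unit (hours in the usage below)."""
    load = arrival_rate * hold_time              # offered load in erlang
    p_ss = erlang_b(channels, load)              # P_bk(t=0): pre-failure steady state
    p_bk_of_state = [1.0, 1.0, p_ss]             # blocking attached to each availability state
    prob = [1.0, 0.0, 0.0]                       # forced failure: start in the failed state
    excess_area, t_r, t = 0.0, 0.0, 0.0
    for _ in range(int(horizon / dt)):
        p_bk = sum(p * b for p, b in zip(prob, p_bk_of_state))
        if p_bk - p_ss > eps:
            t_r = t + dt                         # T_R: last instant still outside tolerance
        excess_area += (p_bk - p_ss) * dt        # shaded area above P_bk(t=0)
        flow01 = detect_rate * prob[0] * dt      # explicit Euler step of dp/dt = p Q
        flow12 = repair_rate * prob[1] * dt
        prob = [prob[0] - flow01, prob[1] + flow01 - flow12, prob[2] + flow12]
        t += dt
    dropped = load * (1.0 - p_ss)                # calls in progress (carried load) lost at the failure instant
    excess_blocked = arrival_rate * excess_area  # extra calls blocked while P_bk(t) > P_bk(t=0)
    return {"p_bk_steady": p_ss, "relaxation_time": t_r,
            "dropped_calls": dropped, "excess_blocked": excess_blocked,
            "elf": dropped + excess_blocked}

if __name__ == "__main__":
    m = survivability_metrics(channels=10, arrival_rate=100.0, hold_time=0.05,
                              detect_rate=4.0, repair_rate=1.0)   # per-hour rates
    for k, v in m.items():
        print(f"{k:16s} {v:10.4f}")
```

Because the outage states block every call, the excess area reduces to (1 - P_bk(0)) times the mean time to reach normal operation, so the numerical integral can be checked against 1/detect_rate + 1/repair_rate.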

Comparison: six proposed architectures of telephone access network

Architecture           Relaxation time*   Call loss due to failure   Extra call loss due to blocking   ELF
Active/standby IIC1    35310 s            9920                       19729                             29649
Active/standby IIC2    35370 s            9920                       25323                             35243
Active/active IIB      32940 s            4944                       15804                             20748
I, IIA                 118 days           9920                       9*10^7                            9*10^7
III                    0 s                0                          0                                 0

Y. Liu, V. Mendiratta, K. S. Trivedi, Survivability analysis of telephone access network, Proc. of 15th IEEE International Symposium on Software Engineering (ISSRE 04)

Survivability Quantification Challenges
No unified definition
- Variation due to different metrics: steady state or transient; availability, capacity-oriented availability, or performance
- Variation due to different systems: wire-line/wireless access networks, optical transport networks, military 3C networks, financial and banking networks, etc.
Increased system complexity
- Heterogeneity: components have different capacity, performance, fault tolerance
- Multiple-layer hierarchy: cross-layer dependence, fault propagation, resource allocation & optimization
Failure scenario and impact
- Identify potential failures and their impact on services