A stochastic model of maliciel process attack for the evaluation of network security

摘要

To trust a computer system that is supposed to be secure, it is necessary to predict the degree to which the system's security level can be achieved when operating in a specific environment under attacks. In this paper, the main focus of the study is on how to model the progression of an attack process over time, we propose a stochastic model based on chains Markov. The basic assumption of our model is that the time parameter plays the essential role in capturing the nature of an attack process. In practice, the attack process will terminate successfully, possibly after a number of unsuccessful attempts. What is important is, indeed, the estimation of how long it takes to be conducted. The proposed stochastic model is parameterized based on a suitable definition of time distributions describing attacker's actions and system's reactions over time. For this purpose, probability distribution functions are defined and assigned to transitions of the model for characterizing the temporal aspects of the attacker and system behavior. The proposed method shows a systematic development of the stochastic modeling techniques and concepts, used frequently in the area of dependability evaluation, for attack process modeling.