English

A Stochastic Model for Quantitative Security Analyses of Networked Systems

Cryptography and Security 2016-03-29 v1 Social and Information Networks

Abstract

Traditional security analyses are often geared towards cryptographic primitives or protocols. Although such analyses are necessary, they cannot address a defender's need for insight into {\em which aspects of a networked system having a significant impact on its security, and how to tune its configurations or parameters so as to improve security}. This question is known to be notoriously difficult to answer, and the state-of-the-art is that we know little about it. Towards ultimately addressing this question, this paper presents a stochastic model for quantifying security of networked systems. The resulting model captures two aspects of a networked system: (1) the strength of deployed security mechanisms such as intrusion detection systems, and (2) the underlying {\em vulnerability graph}, which reflects how attacks may proceed. The resulting model brings the following insights: (1) How should a defender "tune" system configurations (e.g., network topology) so as to improve security? (2) How should a defender "tune" system parameters (e.g., by upgrading which security mechanisms) so as to improve security? (3) Under what conditions is the steady-state number of compromised entities of interest below a given threshold with a high probability? Simulation studies are conducted to confirm the analytic results, and to show the tightness of the bounds of certain important metric that cannot be resolved analytically.

Keywords

Cite

@article{arxiv.1603.08300,
  title  = {A Stochastic Model for Quantitative Security Analyses of Networked Systems},
  author = {Xiaohu Li and Paul Parker and Shouhuai Xu},
  journal= {arXiv preprint arXiv:1603.08300},
  year   = {2016}
}
R2 v1 2026-06-22T13:19:30.463Z