Abstract
We propose a new model for estimating the time to compromise a system component that is visible to an attacker. The model provides an estimate of the expected value of the time-to-compromise as a function of known and visible vulnerabilities, and attacker skill level. The time-to-compromise random process model is a composite of three subprocesses associated with attacker actions aimed at the exploitation of vulnerabilities. In a case study, the model was used to aid in a risk reduction estimate between a baseline Supervisory Control and Data Acquisition (SCADA) system and the baseline system enhanced through a specific set of control system security remedial actions. For our case study, the total number of system vulnerabilities was reduced by 86% but the dominant attack path was through a component where the number of vulnerabilities was reduced by only 42% and the time-to-compromise of that component was increased by only 13% to 30% depending on attacker skill level.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Browne, H. K., McHugh, J., Arbaugh, W.A. and Fithen, W.L., “A trend Analysis of Exploitations,” technical report CS-TR-4200, University of Maryland and Software Engineering Institute, November 2002.
Cohen, F., “Managing Network Security The Millisecond Fantasy,” http://all.net/journal/netsec/1999-2003.html, 2003.
Evans, M., Hastings, N. and Peacock, B., “Statistical Distributions,” Second Edition, 1993.
Jonsson, E., “A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior,” IEEE Transactions on Software Engineering, Vol 23 No 4, April 1997.
Rescorla, E., “Is Finding Security Holes a Good Idea,” IEEE Security & Privacy, January–February 2005.
Turner, D., ed., “Symantec Internet Security Threat Report,” Volume VI, September, 2004, http://enterprisesecurity.symantec.com/content.cfm?articleid-1539, 2004.
Byres, E. J., Franz, M. and Miller, D., “The Use of Attack Trees in Assessing Vulnerabilities in SCADA Systems”, International Infrastructure Survivability Workshop (IISW ‘04, IEEE, Lisbon, Portugal, December 4, 2004
Carlson, R. E., Turnquist, M. A. and Nozick, L. K., Expected Losses, Insurability, and Benefits from Reducing Vulnerability to Attacks, SAND2004-0742, Sandia National Laboratories, Albuquerque, New Mexico, 2004.
Dacier, M., Deswarte, Y. and Kaaniche, M., “Quantitative Assessment of Operational Security: Models and Tools” Information Systems Security, ed. by S. K. Katsikas and D. Gritzalis, London, Chapman & Hall, p. 179–86, 1996.
Haimes, Yacov Y., “Accident Precursors, Terrorist Attacks, and Systems Engineering,” Presented at the NAE Workshop, 2003.
Madan, B.B., Goševa-Popstojavova, K., Vaidyanathan, K. and Trivedi, K. S., “Modeling and Quantification of Security Attributes of Software Systems,” International Conference on Dependable Systems and Networks, Washington, DC,, 2002.
Major, J. A., “Advanced Techniques for Modeling Terrorism Risk,” Journal of Risk Finance, Fall 2002.
McQueen, M. A., Boyer, W. F., Flynn, M. A. and Beitel, G. A., “Quantitative Cyber Risk Reduction Estimation for a SCADA Control System”, INL/EXT-05-00319, Idaho National Laboratory, CSSC Report, prepared for U.S. Department of Homeland Security, May 17, 2005.
Sheyner, O., Haines, J., Jha, S., Lippmann, R. and Wing, J. M., “Automated Generation and Analysis of Attack Graphs,” Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, Berkeley, California, May 2002, 273–284.
Taylor C, Krings, A. and Alves-Foss, J., “Risk Analysis and Probabilistic Survivability Assessment (RAPSA): An Assessment Approach for Power Substation Hardening,” Proc. ACM Workshop on Scientific Aspects of Cyber Terrorism, (SACT), Washington DC, November 21, 2002.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer Science+Business Media, LLC.
About this paper
Cite this paper
McQueen, M.A., Boyer, W.F., Flynn, M.A., Beitel, G.A. (2006). Time-to-Compromise Model for Cyber Risk Reduction Estimation. In: Gollmann, D., Massacci, F., Yautsiukhin, A. (eds) Quality of Protection. Advances in Information Security, vol 23. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-36584-8_5
Download citation
DOI: https://doi.org/10.1007/978-0-387-36584-8_5
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-29016-4
Online ISBN: 978-0-387-36584-8
eBook Packages: Computer ScienceComputer Science (R0)