Survivality Modeling for Quantitative Security Assessment in Ubiquitous Computing Systems*

  • Changyeol Choi
  • Sungsoo Kim
  • We-Duke Cho
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3043)


Ubiquitous computing is about networked processors, which is constructed not only with one computer but with networks of computers. Security solutions usually lack a clear definition of survivality. Thus, this paper deals with a method of quantitatively assessing the system security based on the survivality. Since a logical step towards modeling survivality is to have a set of requirements first, attack-type modeling is constructed firstly. As the case study, we analyze the TCP-SYN attack and Code-Red worm attack according to both the attack-type model and survivality model.


Ubiquitous Computing Connection Request Security Solution Network Processor Information Security Management 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Weiser, M.: Some computer science problems in ubiquitous computing. Communications of the ACM 36, 75–84 (1993)CrossRefGoogle Scholar
  2. 2.
    Cohen, F.: Simulating Cyber Attacks, Defenses, and Consequences. Fred Cohen & Associates (1999) Google Scholar
  3. 3.
    Gupta, M., Chaturvedi, A., Mehta, S.: The Experimental Analysis of Information Security Management Issues for Online Financial Services. In: Proceedings of the 21th ACM International Conference on Information Systems, pp. 667–675 (2000)Google Scholar
  4. 4.
    Littlewood, B., et al.: Towards operational measures of computer security. Journal of Computer Security, 211–229 (1993)Google Scholar
  5. 5.
    Ortalo, R., et al.: Experiments with quantitative evaluation tools for monitoring operational security. IEEE Transaction on Software Engineering 25, 633–650 (1999)CrossRefGoogle Scholar
  6. 6.
    Madan, B., Gŏseva-Popstojanova, K., Vaidyanathan K., and Trivedi, K.: Modeling and Quantification of Security Attributes of Software Systems. In: Proceedings of the International Conference on Dependable Systems and Networks, pp 505-514 (2002) Google Scholar
  7. 7.
    Mirkovic, J., Prier, G., Reiher, P.: Attacking DDoS at the Source. In: Proceedings of the 10th IEEE International Conference on Network Protocols, pp. 312–321 (2002)Google Scholar
  8. 8.
    Hunter, S.W., Smith, W.E.: Code-Red: a Case Study on the Spread and Victims of an Internet Worm. In: Proceedings of the 2nd ACM SIGCOMM Workshop on Internet Measurement Workshop, Analysis and Synthesis, pp. 273–284 (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Changyeol Choi
    • 1
  • Sungsoo Kim
    • 1
  • We-Duke Cho
    • 2
  1. 1.Graduate School of Information and Communication Ajou UniversitySuwonKorea
  2. 2.CUCN, KETI Ubiquitous Frontier OfficeSuwonKorea

Personalised recommendations