An Approach to Network Security Assessment based on Probalistic Relational Models
2010 (English)In: First Workshop on Secure Control Systems (SCS-1), 2010Conference paper (Refereed)
To assist rational decision making regarding network security improvements, decision makers need to be able to assess weaknesses in existing or potential new systems. This paper presents a model based assessment framework for analyzing the network security provided by different architectural scenarios. The framework uses a probabilistic relational model to express attack paths and related countermeasures. In this paper, it is demonstrated that this method can be used to support analysis based on architectural models. The approach allows calculating the probability that attacks will succeed given the instantiated architectural scenario. Moreover, the framework is scalable and can handle the uncertainties that accompany an analysis. The method has been applied in a case study of a military network.
Place, publisher, year, edition, pages
Probabilistic Relational Model, Network Security, Security Assessment, Attack Graph, Architecture Model
Electrical Engineering, Electronic Engineering, Information Engineering
IdentifiersURN: urn:nbn:se:kth:diva-79818OAI: oai:DiVA.org:kth-79818DiVA: diva2:495710
QC 201204102012-02-092012-02-092012-04-10Bibliographically approved