000084167 001__ 84167
000084167 005__ 20200117221626.0
000084167 0247_ $$2doi$$a10.1109/ICCCN.2018.8487446
000084167 0248_ $$2sideral$$a110337
000084167 037__ $$aART-2018-110337
000084167 041__ $$aeng
000084167 100__ $$aChang, X.
000084167 245__ $$aSurvivability model for security and dependability analysis of a vulnerable critical system
000084167 260__ $$c2018
000084167 5060_ $$aAccess copy available to the general public$$fUnrestricted
000084167 5203_ $$aThis paper aims to analyze transient security and dependability of a vulnerable critical system, under vulnerability-related attack and two reactive defense strategies, from a severe vulnerability announcement until the vulnerability is fully removed from the system. By severe, we mean that the vulnerability-based malware could cause significant damage to the infected system in terms of security and dependability while infecting more and more new vulnerable computer systems. We propose a Markov chain-based survivability model for capturing the vulnerable critical system behaviors during the vulnerability elimination process. A high-level formalism based on Stochastic Reward Nets is applied to automatically generate and solve the survivability model. Survivability metrics are defined to quantify system attributes. The proposed model and metrics not only enable us to quantitatively assess the system survivability in terms of security risk and dependability, but also provide insights on the system investment decision. Numerical experiments are constructed to study the impact of key parameters on system security, dependability and profit.
000084167 536__ $$9info:eu-repo/grantAgreement/ES/MINECO/TIN2014-58457-R
000084167 540__ $$9info:eu-repo/semantics/openAccess$$aAll rights reserved$$uhttp://www.europeana.eu/rights/rr-f/
000084167 592__ $$a0.233$$b2018
000084167 593__ $$aComputer Networks and Communications$$c2018
000084167 593__ $$aSoftware$$c2018
000084167 593__ $$aHardware and Architecture$$c2018
000084167 655_4 $$ainfo:eu-repo/semantics/article$$vinfo:eu-repo/semantics/acceptedVersion
000084167 700__ $$aLv, S.
000084167 700__ $$0(orcid)0000-0001-7982-0359$$aRodriguez, R.J.
000084167 700__ $$aTrivedi, K.
000084167 773__ $$g2018-July (2018), [6 pp]$$pProc. - Int. Conf. Comput. Commun. Netw.$$tProceedings - International Conference on Computer Communications and Networks, ICCCN$$x1095-2055
000084167 8564_ $$s184783$$uhttp://zaguan.unizar.es/record/84167/files/texto_completo.pdf$$yPostprint
000084167 8564_ $$s126082$$uhttp://zaguan.unizar.es/record/84167/files/texto_completo.jpg?subformat=icon$$xicon$$yPostprint
000084167 909CO $$ooai:zaguan.unizar.es:84167$$particulos$$pdriver
000084167 951__ $$a2020-01-17-21:56:52
000084167 980__ $$aARTICLE