| With the rapid development of Internet technology,information technology not only bring us convenient and development,but also closely connected with our life.At present,the network attacks are frequent,especially for the critical system providing social infrastructure services.Once a new vulnerability is found in these critical systems,attackers can carry out attack to the critical systems according to this vulnerability,harm the system security and reliability,leading to sensitive information leakage and even leading to social infrastructure services to stop running,damaging the society and the interests of the people.Then how to evaluate the security defense mechanisms of vulnerable critical systems has become an important research topic.This paper first builds a continuous time Markov chain(CTMC)with adsorbing state for the Abnormal Detection System.This paper defines system survivability as the fully recovering capability of the system,analyzes system survivability by calculating the transient probability of Markov chain and compares the influence of different recovering speed and detection rate on the recovering capability of the system.This paper also simulates a series of recovering processes of the Abnormal Detection System after it is attacked and analyzes the effect of Abnormal Detection System during the whole recovery process,in order to verify the approximate accuracy of our model.This paper then investigates the scenario where two reactive defense strategies are deployed to reduce or prevent the security damage caused by malware.We propose a Markov chain-based survivability model for capturing the vulnerable critical system behaviors during the vulnerability mitigation.A high-level formalism based on Stochastic Reward Nets is applied to automatically generate and solve the survivability model.In our Markov chain-based survivability model,we also consider that attacker may infecting new vulnerable computer systems.We define the corresponding transient metrics and cumulative metrics for the proposed model,we can analysis the security and dependability of vulnerable system by using these metrics and evaluates our model solutions obtained by using SPNP software package to solve the SRN model and calculate the metrics.The proposed model and metrics not only enable us to quantitatively assess the system survivability in terms of security risk and dependability,but also quantify the benefit during the period of model.Five numerical experiments are constructed to study the impact of key parameters on system security,dependability and profit,these results can provide insights on system investment decision. |
PDF Full Text Request