Issue No. 01 - January/February (2008 vol. 6)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2008.9
David John Leversage , British Columbia Institute of Technology
Eric James Byres , BCIT Critical Infrastructure Security Center
The ability to efficiently compare differing security solutions for effectiveness is often considered lacking from a management perspective. To address this we propose a framework for estimating the mean time-to-compromise (MTTC) of a target system for use as a comparative security metric. This MTTC is calculated through a three step process. First a topological map of the target system is divided into attack zones, allowing each zone to be described with its own state-space model (SSM). Next we employ a predator SSM, based on models used in the biological sciences to predict predatorial behavior, to build an attack path SSM which identifies the attack strategies with Markov chains. Finally the attack path model and a state time estimation algorithm (STEA) are used to build the MTTC intervals for the system. These intervals can be quickly calculated for a broad range of systems and mitigating actions, allowing security architects and managers to intelligently compare systems and determine where resources should be focused to achieve the most effective cost/MTTC ratio.
Security, Network Security, SCADA, SCADA Security, Computer Security, Critical Infrastructure, Critical Infrastructure Protection, Markov, Compromise, Time-to-Compromise, Mean Time-to-Compromise, MTTC, Process Control, State Space Model, Attack Path, Predator
E. J. Byres and D. J. Leversage, "Estimating a System's Mean Time-to-Compromise," in IEEE Security & Privacy, vol. 6, no. , pp. 52-60, 2008.