A Stochastic Model for Quantitative Security Analyses of Networked Systems

TL;DR

This paper introduces a stochastic model to evaluate and improve the security of networked systems by analyzing security mechanisms and vulnerabilities, providing insights into optimal configuration and parameter tuning.

Contribution

It presents a novel stochastic framework that quantifies network security, linking system configurations and security mechanisms to the likelihood of system compromise.

Findings

Guidelines for tuning network topology to enhance security

Strategies for upgrading security mechanisms effectively

Conditions under which security thresholds are probabilistically maintained

Abstract

Traditional security analyses are often geared towards cryptographic primitives or protocols. Although such analyses are necessary, they cannot address a defender's need for insight into {\em which aspects of a networked system having a significant impact on its security, and how to tune its configurations or parameters so as to improve security}. This question is known to be notoriously difficult to answer, and the state-of-the-art is that we know little about it. Towards ultimately addressing this question, this paper presents a stochastic model for quantifying security of networked systems. The resulting model captures two aspects of a networked system: (1) the strength of deployed security mechanisms such as intrusion detection systems, and (2) the underlying {\em vulnerability graph}, which reflects how attacks may proceed. The resulting model brings the following insights: (1) How should a defender "tune" system configurations (e.g., network topology) so as to improve security? (2) How should a defender "tune" system parameters (e.g., by upgrading which security mechanisms) so as to improve security? (3) Under what conditions is the steady-state number of compromised entities of interest below a given threshold with a high probability? Simulation studies are conducted to confirm the analytic results, and to show the tightness of the bounds of certain important metric that cannot be resolved analytically.