T. Olovsson, E. Jonsson, S. Brocklehurst and B. Littlewood, "Towards Operational Measures of Computer Security: Experimentation and Modelling", in Predictably Dependable Computing Systems Basic Research Series, (B. Randell, J.-C. Laprie, H. Kopetz, B. Littlewood, Ed.), pp.555-69, Springer-Verlag, Berlin, Germany, 1995.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....by additional information provided by security experts concerning the definition of potential intruders profiles. For instance in [Denning 1990] it is suggested that most intruders apply well known breaking methods. Similar conclusions were derived from a pilot experiment described in [Olovsson et al. 1995] in which students from the Chalmers University Computer Club have been asked to try to break into a target Unix system. It has been observed that all the students used well known breaking techniques published in popular books dealing with Unix security, for instance [Wood Kochan 1987, Curry ....

T. Olovsson, E. Jonsson, S. Brocklehurst and B. Littlewood, "Towards Operational Measures of Computer Security: Experimentation and Modelling", in Predictably Dependable Computing Systems Basic Research Series, (B. Randell, J.-C. Laprie, H. Kopetz, B. Littlewood, Ed.), pp.555-69, Springer-Verlag, Berlin, Germany, 1995.

....in many respects. First, we found that students are indeed able to break into a standard system within a limited time period and that they can be used in this type of experiment. Second, we learned how to set up such experiments and how to act as coordinators. The first full scale experiment [19] was done half a year after the feasibility study. In this case, our goal was to gather enough data for a quantitative security modeling attempt. Final year students were engaged as attackers. All were at the same time taking Applied Computer Security, and the experiment was performed as a project ....

Tomas Olovsson, Erland Jonsson, Sarah Brocklehurst, and Bev Littlewood. Towards operational measures of computer security: Experimentation and modelling. In Brian Randell, Jean-Claude Laprie, Hermann Kopetz, and Bev Littlewood, editors, Predictably Dependable Computing Systems, chapter VIII, pages 555--572. Springer-Verlag, 1995.

....Other penetration experiments have been carried out at our department, the most similar being a security analysis of a secure database [68] However, most of our previous studies differ from the present. Firstly, the object systems were different: a networked UNIX operating system [62] [63] and a PC Network [66] Secondly, the attackers were final year university students. Thirdly, the attackers had to follow some rules, since the result of these studies were used for mathematical modelling purposes. Section 3 provides a detailed system overview of NT, while section 4 describes the ....

Tomas Olovsson, Erland Jonsson, Sarah Brocklehurst and Bev Littlewood, Towards Operational Measures of Computer Security: Experimentation and Modelling, in B. Randell et al. (editors): Predictably Dependable Computing Systems, Springer Verlag, 1995. pp. 555-572.

....out at the Department of Computer Engineering at Chalmers University of Technology, the most similar being a security analysis of a secure database [9] However, most of the previous works differ from the present. Firstly, the object systems were different: a networked UNIX operating system [13] [14] and a PC Network [7] Secondly, the attackers were final year university students. Thirdly, the attackers had to follow a number of quite specific rules, since the result of these studies were used for mathematical modelling purposes. Section 3 provides a detailed system overview of Windows NT. ....

Tomas Olovsson, Erland Jonsson, Sarah Brocklehurst and Bev Littlewood, Towards Operational Measures of Computer Security: Experimentation and Modelling. In B. Randell et al. (editors), Predictably Dependable Computing Systems, pp. 555-572. Springer Verlag, 1995.

....we make a comparison of a selection of vulnerabilities most of which we know have been used for making real intrusions. Those have been gathered from intrusion experiments carried out at the department of Computer Engineering at Chalmers University of Technology for data collection purposes [3] [20] or from our own system analysis [7] Some data has been taken from other publicly available sources. For the comparison of the vulnerabilities of the two systems, we have used a taxonomy of intrusion techniques suggested by Lindquist and Jonsson [15] The taxonomy has proven useful for ....

Tomas Olovsson, Erland Jonsson, Sarah Brocklehurst and Bev Littlewood, Towards Operational Measures of Computer Security: Experimentation and Modelling. In Predictably Dependable Computing Systems, editor B. Randell et al., Springer Verlag, 1995.

....modeling, e.g. Markov models, could be used. Apart from the modeling work, another objective of the experiment was to gain some general knowledge of the intrusion process and the exploited vulnerabilities by studying and elaborating the data collected. These results have been reported in [16]. Such data were also recovered from a preceding pilot experiment [15] 2] the intention of which was to see whether experiments of this type were at all feasible, and if so, to obtain valuable information on how they should be carried out. In the following, the experiment is outlined in Section ....

....regularpaper97.dot S 19,968 05 14 97 11:11 AM 2 11 hoped to achieve. The experiment was conducted during a 4 week period in November and December 1993. A detailed discussion of how to perform such experiments can be found in [15] and the specific results of this experiment are found in [16]. There were three different kinds of actors involved in the experimentation: the Attackers, the Coordinator, and the System administrator. Each actor is subject to a set of rules and restrictions, as well as a desirable behavior, as described below. 2.1 The System The target system consisted of ....

[Article contains additional citation context not shown here]

T. Olovsson, E. Jonsson, S. Brocklehurst, and B. Littlewood, "Towards Operational Measures of Computer Security: Experimentation and Modelling," Predictably Dependable Computing Systems, B. Randell et al., eds., ISBN 3-540-59334-9, pp. 555-572. Springer-Verlag, 1995.

....logging the full path name of every command, together with all arguments, the proposed auditing policy is much more difficult to trick. 4 The logging during the data collection experiment 4. 1 The experiment During the years 1993 1996, we performed a number of intrusion experiments in UNIX systems [Jons97, Olov95]. The original goal of these experiments was quantitative modelling of operational security, that is, we tried to find measures for security that would reflect the system s ability to resist attacks. In order to do so, extensive logging and reporting were enforced and a great deal of data were ....

Tomas Olovsson, Erland Jonsson, Sarah Brocklehurst, and Bev Littlewood. "Towards operational measures of computer security: Experimentation and modelling." In Brian Randell et al., editors, Predictably Dependable Computing Systems, ESPRIT Basic Research Series, chapter VIII. Springer-Verlag, 1995.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC