<p>Cyber-threats are progressing with unrivaled speed and complexity, and security analysis has become a critical issue for preserving systems reliability. In this paper, the problem of security analysis under cyber threats is studied in a discrete event systems framework, where we attempt to analyse the systems security in a timed and a probabilistic setting. The considered systems are modeled by labeled timed probabilistic automata containing both the normal functioning of the system and the attack scenarios. The main contributions of this paper are (<i>i</i>) introducing novel quantitative metrics to evaluate the exposure of the considered systems to the existing cyber threats, (<i>ii</i>) the analysis of the effectiveness of attack detection functions, by evaluating their performance in terms of reactivity, correctness, and detection delay. These approaches provide deep and comprehensive insight for analysing, maintaining, and enhancing systems security.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Security analysis of systems under cyber threats using labeled timed probabilistic automata

  • Omar Amri,
  • Dimitri Lefebvre

摘要

Cyber-threats are progressing with unrivaled speed and complexity, and security analysis has become a critical issue for preserving systems reliability. In this paper, the problem of security analysis under cyber threats is studied in a discrete event systems framework, where we attempt to analyse the systems security in a timed and a probabilistic setting. The considered systems are modeled by labeled timed probabilistic automata containing both the normal functioning of the system and the attack scenarios. The main contributions of this paper are (i) introducing novel quantitative metrics to evaluate the exposure of the considered systems to the existing cyber threats, (ii) the analysis of the effectiveness of attack detection functions, by evaluating their performance in terms of reactivity, correctness, and detection delay. These approaches provide deep and comprehensive insight for analysing, maintaining, and enhancing systems security.