Browse > Article

A Probabilistic Model of Damage Propagation based on the Markov Process  

Kim Young-Gab (고려대학교 컴퓨터학과)
Baek Young-Kyo (고려대학교 수학과)
In Hoh-Peter (고려대학교 컴퓨터학과)
Baik Doo-Kwon (고려대학교 컴퓨터학과)
Publication Information
Journal of KIISE:Computer Systems and Theory / v.33, no.8, 2006 , pp. 524-535 More about this Journal
Abstract
With rapid development of Internet technology, business management in an organization or an enterprise depends on Internet-based technology for the most part. Furthermore, as dependency and cohesiveness of network in the communication facilities are increasing, cyber attacks have been increased against vulnerable resource in the information system. Hence, to protect private information and computer resource, research for damage propagation is required in this situation. However the proposed traditional models present just mechanism for risk management, or are able to be applied to the specified threats such as virus or worm. Therefore, we propose the probabilistic model of damage propagation based on the Markov process, which can be applied to diverse threats in the information systems. Using the proposed model in this paper, we can predict the occurrence probability and occurrence frequency for each threats in the entire system.
Keywords
Markov Process; Risk Estimation; Damage Propagation; Cyber Attack;
Citations & Related Records
연도 인용수 순위
  • Reference
1 이동훈, 이현숙, 김영자, 변진욱, 김역, 이래, 박혜영, 최은영, '컴퓨터 해킹 . 바이러스 피해액 산출방법 연구' 한국정보보호진흥원(KISA), 2002
2 S. Staniford, V. Paxson, and N.Weaver, 'How to Own the Internet in Your Spare Time,' In Proc. of the 11th USENIX Security Symposium (Security02), 2002
3 G. Stoneburner, A. Goguen, and A. Feringa, 'Risk Mangement Guide for Information Technology Systems,' NIST Special Publication 800-30, National Institute of Standards and Technology (NIST), 2002
4 D. J. Deley and J. Gani, 'Epidemic Modeling. An Introduction,' Cambridge university Press, 1999
5 L. Edelstein-Keshet, 'Mathematical Models in Biology,' Random House, New York, 1988
6 D. Moore, C. Shannon, G. M. Voelker, and S. Savage, 'Internet Quarantine: Requirements for Containing Self-Propagating Code,' In Proc. of IEEE INFOCOM, 2003
7 한국정보보호진흥원(KISA), '해킹바이러스 통계 및 분석 월보(2001년 1월 - 2005년 6월)', 한국정보보호진흥원(KISA), http://www.krcert.or.kr/
8 Robert V. Hogg and Allen T. Craig, Introduction to Mathematical Statistics, Fifth Edition, Prentice-Hall, 1995
9 C. C. Zou, W. Gong, and D. Towsley, 'Worm Propagation Modeling and Analysis under Dynamic Quarantine Defense,' In Proc. of ACM CCS Workshop on Rapid Malcode (WORM'03), October, 2003   DOI
10 Y-G. Kim, T. Lee, H. P. In, Y-J. Chung, I. Kim, and D.-K. Baik, 'A Probabilistic Approach to Estimate the Damage Propagation of Cyber Attacks,' Lecture Notes in Computer Science, Vol. 3935, pp. 175-185, Springer-Verlag, Berlin Heidelberg, 2006   DOI   ScienceOn
11 한국정보보호진흥원(KISA) , '취약점 분석 . 평가 모델' 한국정보보호진흥원(KISA), 2002
12 J. C. Frauenthal, 'Mathematical Modeling in Epidemiology,' Springer-Verlag, New York, 1980
13 김영갑, 이택, 인호, 정윤정, 김인중, 백두권, '정보 통신 기반 시설에 대한 피해 파급 모델' 제 17회 정보 보호와 암호에 대한 학술대회(WISC2005), 국가 보안 기술 연구소(NSRI),2005년 9월
14 Roy D. Yates, David J. Goodman, 'Probability and Stochastic Process,' Second Edition, WILEY International Edition. 2003
15 C. C. Zou, W. Gong, and D. Towsley, 'Code Red Worm Propagation Modeling and Analysis,' In Proc. of the 9th ACM Conference on Computer and Communications Security, pp. 138-147, November 2002   DOI
16 Kishor S. Trivedi, 'Probability and Statisics with Reliability, Queuing and Computer Science Applications,' Second Edition, WILEY Interscience, 2002
17 Z. Chen, L. Gao, K. Kwiat, 'Modeling the Spread of Active Worms,' In Proc. of IEEE INFOCOM2003, 2003   DOI
18 T. Vogt, 'Simulating and Optimising Worm Propagation Algorithms,' http://web.lemuria.org/security/WormPropagation.pdf, 2003