defenders depends upon the investment in security of the owner after the
deployment. In a billing infrastructure, the loss of revenues due to a vulnerability
V, i.e. the impact of attacks exploiting V, depends upon the vulnerability window
of V [8,26,27]. This window is the interval of time from when an attacker discovers
V until a defender finds V as well. The proposed model, the 0-delay model,
evaluates the loss in revenue in terms of the window size and of the numbers of
attackers and of defenders. As implied by its name, the model assumes that both
the patching and the attacks are executed immediately, as soon as either the
defenders or the attackers find a vulnerability. The model may be integrated with
game theory [21] to define an optimal allocation of attackers and defenders to the
search for vulnerabilities. The model also enables the owner to determine whether
to deploy the infrastructure even if some vulnerabilities have not been removed,
because he/she is willing to accept the average impact of the attacks enabled by
the remaining vulnerabilities. Lastly, the model may be used to evaluate the
advantages of open source components vs. proprietary ones with a "security
through obscurity" approach [5,6].
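To make the dependence on the window size and on the numbers of attackers and defenders concrete, the following added example (not the paper's own model) assumes that every searcher finds V after an independent exponentially distributed time and applies the 0-delay rule: the attack starts at the first attacker discovery and the patch lands at the first defender discovery, so revenue is lost for the whole window. The revenue rate, search rates and sample sizes are constructed values.

```python
import random

# Assumed search model (not the paper's own): each attacker and each defender
# searches independently and finds V after an Exp(rate) time. The window is the
# time from the first attacker discovery to the first defender discovery; with
# 0 delay the attack and the patch happen exactly at those two instants.


def expected_window(n_att, n_def, rate_att=1.0, rate_def=1.0):
    """Closed-form expected window under the exponential assumption.

    The earliest of n_att searches is Exp(a) with a = n_att*rate_att, likewise
    d for defenders. The window is positive only if attackers find V first
    (probability a/(a+d)); by memorylessness the defenders then still need
    1/d on average, so E[window] = a/(a+d) * 1/d.
    """
    a = n_att * rate_att
    d = n_def * rate_def
    return (a / (a + d)) * (1.0 / d)


def expected_loss(revenue_per_unit_time, n_att, n_def, rate_att=1.0, rate_def=1.0):
    """Average revenue lost to attacks exploiting V (0-delay: loss covers the window)."""
    return revenue_per_unit_time * expected_window(n_att, n_def, rate_att, rate_def)


def simulate_window(n_att, n_def, rate_att=1.0, rate_def=1.0, trials=200_000, seed=7):
    """Monte Carlo estimate of the expected window, to cross-check the formula."""
    rng = random.Random(seed)  # fixed seed keeps the estimate reproducible
    total = 0.0
    for _ in range(trials):
        t_att = min(rng.expovariate(rate_att) for _ in range(n_att))
        t_def = min(rng.expovariate(rate_def) for _ in range(n_def))
        total += max(0.0, t_def - t_att)
    return total / trials


if __name__ == "__main__":
    # Constructed scenario: 2 attackers, revenue of 100 per unit time at stake.
    for n_def in (1, 2, 4, 8):
        print(f"defenders={n_def}: E[window]={expected_window(2, n_def):.3f} "
              f"mc={simulate_window(2, n_def, trials=50_000):.3f} "
              f"E[loss]={expected_loss(100, 2, n_def):.1f}")
```

Doubling the number of defenders more than halves the expected loss in this setting, which is the kind of trade-off the game-theoretic allocation mentioned above would optimise.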
The importance of a quantitative evaluation of attack impacts has often been
stressed [5,17,18,23,25]. [25] presents a survey of current approaches and
introduces the notion of market price of a vulnerability. This notion cannot be
immediately applied to a billing infrastructure, where this price depends upon the
service billed rather than on the infrastructure components. [16] applies game
theory to information warfare, while [21] applies an insurance-inspired
methodology to optimally allocate a set of defenders so as to minimize the impact
of a terrorist attack on a set of targets. The competition between defenders and
attackers in the search for vulnerabilities has previously been considered in
[9,23], but these works focus on the disclosure policy rather than on attack
impacts. Some of our assumptions are similar to those of [23] for computing the
probability of finding a vulnerability. [9] considers the search for
vulnerabilities and a social planner that decides when a vulnerability is
disclosed. Consistently with the evaluation of disclosure policies, it assumes that
a vulnerability is discovered by a benign user, i.e. a defender, rather than by an
attacker. Furthermore, most of the works on vulnerabilities and attacks consider
general-purpose systems rather than billing infrastructures.
Sect. 2 introduces the 0-delay model and shows how it defines the average impact
of an attack as a function of the numbers of attackers and defenders as well as of
the vulnerability window. For the sake of simplicity, a simplified version of the
model is introduced first. Then, a more general version is defined by relaxing
some of the constraints. Sect. 3 briefly outlines some alternative developments of
our work. First, we consider an infrastructure with several vulnerabilities and we
show that, also in this case, the impact is always a function of the numbers of
attackers and defenders searching for distinct vulnerabilities. Lastly, we show
how our model may contribute to the debate on "security through obscurity" and on
the adoption of open source components.