probabilities that the attackers or the defenders find V exactly at time $t$, i.e. that $t_d = t$ (or that $t_a = t$). In turn, $P_d(n_d, t)$ and $P_a(n_a, t)$ are a function of $P_d(n_d)$ and $P_a(n_a)$, the probabilities that, respectively, at least one of the $n_d$ defenders, or one of the $n_a$ attackers, finds V in a single time interval. Since both $P_d(n_d)$ and $P_a(n_a)$ are time independent, we have that:

$$P_d(n_d, t) = (1 - P_d(n_d))^{t-1} \cdot P_d(n_d)$$

$$P_a(n_a, t) = (1 - P_a(n_a))^{t-1} \cdot P_a(n_a)$$

Taking into account that each attacker and each defender works in isolation,

$$P_d(n_d) = 1 - (1 - P_d(1))^{n_d}$$

$$P_a(n_a) = 1 - (1 - P_a(1))^{n_a} \tag{1}$$

where $P_d(1)$ and $P_a(1)$ are, respectively, the probabilities that a defender and an attacker find V in one interval of time. In the following, we assume that $P_d(1) = P_a(1)$ so that each attacker and each defender have the same probability of finding the vulnerability in one interval.
This assumption neglects that a defender can access a larger amount of information on the infrastructure than the attacker can, and that this asymmetry should, at least in principle, simplify the search of the defender. To model this asymmetry while preserving $P_d(1) = P_a(1)$, the number of defenders may be multiplied by a constant factor $\phi$, $\phi \geq 1$, before applying the 0-delay model. In the following, we assume that the number of defenders has already been multiplied by $\phi$ and drop the dependency of the probabilities on $P_d(1)$ and $P_a(1)$.

The previous consideration shows that the following relation holds:

$$P(\mathit{vw} = i \mid n_a, n_d) = \lim_{N \to \infty} \sum_{t_a = 1}^{N - i} (1 - P_a(n_a))^{t_a - 1} \cdot P_a(n_a) \cdot (1 - P_d(n_d))^{t_a - 1 + i} \cdot P_d(n_d)$$

This defines the probability that $\mathit{vw} = i$ as the limit of the sum of the probabilities of all the cases where:
1. an attacker finds V at $t_a$,
2. the first defender finds V at $t_d = t_a + i$,
3. both $t_a$ and $t_d$ belong to the range $1..N$.
Under these conditions $t_a$ is, at most, equal to $N - i$ because $t_d$ always belongs to $1..N$. Furthermore, we can consider the limit of the sum as $N$, the upper bound on $t_d$, goes to infinity because we have assumed an unbounded life of the infrastructure. From a practical point of view, this introduces an error that is acceptable anytime the life of the infrastructure will be much larger than $\delta t$.
It can be proved that:

$$P(\mathit{vw} = i > 0 \mid n_a, n_d) = P_a(n_a) \cdot P_d(n_d) \cdot \frac{(1 - P_d(n_d))^{i}}{1 - (1 - P_a(n_a)) \cdot (1 - P_d(n_d))}$$
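
The relation between the truncated sum and its closed form can be checked numerically. The following Python sketch is an added example, not part of the original text: it implements equation (1), the finite sum over t_a = 1..N-i, and the closed form for i > 0, and reports the error introduced by taking N to infinity. The function names and all parameter values (single-interval probability, group sizes, ϕ) are assumptions constructed for illustration.

```python
"""Numerical check of the vulnerability-window model (added example)."""

def p_group(p_single: float, n: float) -> float:
    """Eq. (1): probability that at least one of n searchers, each working
    in isolation, finds V in a single time interval."""
    return 1.0 - (1.0 - p_single) ** n

def p_window_sum(pa: float, pd: float, i: int, big_n: int) -> float:
    """Finite sum over ta = 1..N-i: an attacker finds V at ta and the
    first defender finds it at td = ta + i."""
    total = 0.0
    for ta in range(1, big_n - i + 1):
        attacker_at_ta = (1.0 - pa) ** (ta - 1) * pa
        defender_at_td = (1.0 - pd) ** (ta - 1 + i) * pd
        total += attacker_at_ta * defender_at_td
    return total

def p_window_closed(pa: float, pd: float, i: int) -> float:
    """Closed form of the limit N -> infinity, valid for i > 0."""
    return pa * pd * (1.0 - pd) ** i / (1.0 - (1.0 - pa) * (1.0 - pd))

def truncation_error(pa: float, pd: float, i: int, big_n: int) -> float:
    """Mass lost by a finite infrastructure life of N intervals."""
    return p_window_closed(pa, pd, i) - p_window_sum(pa, pd, i, big_n)

def p_attacker_first(pa: float, pd: float) -> float:
    """Closed form summed over all i >= 1 (geometric series in 1 - pd):
    probability that the window is strictly positive."""
    return pa * (1.0 - pd) / (1.0 - (1.0 - pa) * (1.0 - pd))

def scenario(p_single: float, na: int, nd: int, phi: float):
    """Group probabilities with the defender count scaled by phi >= 1."""
    return p_group(p_single, na), p_group(p_single, phi * nd)

if __name__ == "__main__":
    # Constructed values: 10 attackers, 5 defenders, phi = 2, p = 0.01.
    pa, pd = scenario(0.01, na=10, nd=5, phi=2.0)
    for n in (20, 100, 1000):
        print(f"N={n:5d}  error for i=3: {truncation_error(pa, pd, 3, n):.3e}")
    print(f"P(vw > 0) = {p_attacker_first(pa, pd):.4f}")
```

With equal group probabilities the attacker is strictly first in slightly less than half of the cases, and raising ϕ lowers that share.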