Let us consider an example of using the SAS prototype for the developed case study. Suppose we need to determine the security level of the file-server against “denial of service” attacks when the malefactor's experience level is “novice”. To do this we need to enumerate the necessary assets and their confidentiality and criticality levels (in brackets): (1) Information resources: the information about open ports on the file-server (5,2); the information about the services used on the file-server (5,2); the information about the operating system of the file-server (5,8); the information about users on the file-server, i.e. names and groups (5,8); the password of the user “admin” (10,10); (2) Software resources: operating system (5,10); physical resources: server (0,10); (3) Services: file-server (0,10).
According to the realization of the malefactor's model, SAS creates one script consisting of the following two stages: (1) reconnaissance and (2) threat realization (denial of service). At the first stage all accessible groups of actions are executed: port scanning, OS determination, services identification, etc. The actions of each group are executed until a positive result is reached, e.g. port scanning begins with “TCP SYN scan”; in case of a negative result the “TCP connect scan” is executed, and so on. If port scanning and identification of services are successfully completed by the first methods, and three methods of OS determination and five methods of user login enumeration fail, then the security metric of the reconnaissance stage can be calculated as follows: $P_R = 1 - N_{SA}/N_A = 1 - 2/10 = 0.8$, where $N_{SA}$ is the number of successful actions and $N_A$ is the total number of actions. If at the stage of threat realization the usage of the tenth vulnerability is successful, then the metric of the threat realization stage is $P_{TR} = 1 - N_{SA}/N_A = 1 - 1/10 = 0.9$. The security metric for the whole script is $(0.8 + 0.9)/2 = 0.85$. Taking into account that only one script has been generated, the integral metric is also equal to 0.85. The value of the security metric depends on the realization of the malefactor's model. For example, when the backward inference method of malefactor goal achievement is used, the total number of actions decreases; consequently the value of the security metric is reduced.
Let us calculate the confidentiality and criticality levels of the successfully attacked assets. At the reconnaissance stage, the malefactor has received information whose total level of confidentiality is 10 and total level of criticality is 4. For the information which the malefactor tried to receive, the corresponding levels are (20, 20). After normalization, the losses of confidentiality and criticality are (0.5, 0.2). At the threat realization stage, the file-server has been successfully attacked (0 points of confidentiality and 10 points of criticality have been lost), therefore the corresponding losses are (0, 1). At the script level the losses of confidentiality and criticality are as follows: ((0.5+0)/2, (0.2+1)/2) = (0.25, 0.6). The total security metric can be calculated as the difference between 1 and the average value of the given coefficients: 1-0.43=0.57.
Let us select by expert evaluation the following security level scale: (1) “green” - if the security level value is in the interval [1, 0.8); (2) “yellow” - [0.8, 0.6); (3) “red” - [0.6, 0]. Then the value 0.57 corresponds to the “red” level. As a guideline for increasing the security level, a report with instructions on vulnerability elimination is generated. The procedure of security level evaluation is repeated after the detected vulnerabilities are eliminated.
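The calculation worked through above, as an added Python example (not code from the paper or from the SAS prototype). The function names and the input layout are assumptions; exact fractions are used, and the average loss is rounded to 0.43 before subtracting, as in the text.

```python
from decimal import Decimal, ROUND_HALF_UP
from fractions import Fraction as F

def stage_metric(n_success, n_actions):
    """P = 1 - N_SA / N_A for one stage of a script."""
    return 1 - F(n_success, n_actions)

def stage_losses(obtained, targeted):
    """Normalize lost (confidentiality, criticality) points by the points targeted."""
    return tuple(F(o, t) if t else F(0) for o, t in zip(obtained, targeted))

def mean(values):
    values = list(values)
    return sum(values, F(0)) / len(values)

def round2(x):
    """Round half up to two decimals, as the text does (0.425 -> 0.43)."""
    exact = Decimal(x.numerator) / Decimal(x.denominator)
    return exact.quantize(Decimal("0.01"), rounding=ROUND_HALF_UP)

def level(value):
    """Scale from the text: green [1, 0.8), yellow [0.8, 0.6), red [0.6, 0]."""
    if value > Decimal("0.8"):
        return "green"
    return "yellow" if value > Decimal("0.6") else "red"

def assess(stages):
    """Return (script metric, (conf loss, crit loss), total metric, level)."""
    script_metric = mean(stage_metric(s["n_success"], s["n_actions"]) for s in stages)
    losses = [stage_losses(s["obtained"], s["targeted"]) for s in stages]
    conf_loss = mean(l[0] for l in losses)
    crit_loss = mean(l[1] for l in losses)
    total = 1 - round2(mean([conf_loss, crit_loss]))
    return script_metric, (conf_loss, crit_loss), total, level(total)

# Inputs taken from the worked case in the text (the dict layout is an assumption).
SCRIPT = [
    # reconnaissance: 2 of 10 actions succeed; (10, 4) of (20, 20) points obtained
    {"n_success": 2, "n_actions": 10, "obtained": (10, 4), "targeted": (20, 20)},
    # threat realization: 1 of 10 actions succeeds; file-server (0, 10) lost
    {"n_success": 1, "n_actions": 10, "obtained": (0, 10), "targeted": (0, 10)},
]

if __name__ == "__main__":
    metric, (conf, crit), total, colour = assess(SCRIPT)
    print(float(metric), float(conf), float(crit), total, colour)
```

Without the intermediate rounding the total is 0.575, which falls in the same “red” interval.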
8 Conclusion
The paper offered an approach to vulnerability analysis and security level assessment of computer networks, intended for implementation at various stages of the life cycle of the analyzed computer systems.