【 摘 要 】

Quantitative security metrics are becoming increasingly important to system administrators. ADVISE generates quantitative security metrics by combining a system vulnerability graph with an adversary profile through an adversary decision algorithm. Previously, the decision algorithm placed restrictive assumptions on the adversary profile, and simulation was the sole solution method for ADVISE models. In this thesis, the decision algorithm is generalized while simultaneously improving its performance by incorporating theory from discrete-time Markov games. Furthermore, by exploring the state-space and generating the transition probability matrix, numerical solution methods may be applied to solve ADVISE models. Identifying key properties allows the models to be tested for compatibility with alternative solution methods from the literature, enabling additional metrics for ADVISE models. Finally, the performance of simulation is improved significantly by introducing decision caching. Together these accomplishments expand the number of quantitative security metrics and solution methods available to ADVISE models while lifting restrictions on the adversary profile and improving performance.

【 预 览 】

附件列表

Files	Size	Format	View
A generalized adversary decision algorithm and analytic solution methods for advise models	397KB	PDF	download