Data Collection for Security Fault Forecasting - Pilot Experiment

摘要: In most contexts, it is not feasible to guarantee that a system 100% secure. Measures and predictions of operational security computer systems are therefore obviously interest any owner which candidate for potential intruders. Such measures would allow assessment current future expected loss the due breaches in given attacking environment level protection. [Littlewood, Brocklehurst et al. 1991] probabilistic approach modelling security, analogous used reliability, suggested. It clear empirical data be useful deriving plausible modelling. can acquired experimentally, by allowing group selected people perform attacks on controlled way. The attack process then monitored relevant recorded. This document describes such an experiment. As far as we aware, this first attempt conduct experiment, our intention was more explore general feasibility than collect provides significant information pilot experiment did indeed give some valuable how full-scale experiments kind should performed results recommendations improvements experimental set-up discussed here. Release number 2 status Final