Measuring Relative Attack Surfaces
作者: Michael Howard , Jon Pincus , Jeannette M. Wing
关键词:
摘要: We propose a metric for determining whether one version of system is more secure than another with respcct to fixed set dimensions. Rather count bugs at the code level or vulnerability reports level, we system's attack opportunities. use this as an indication “attackability,” likelihood that it will be successfully attacked. describe surface along three abstract dimensions: targets and enablers, channels protocols, access rights. Intuitively, exposed surface, opportunities, hence likely target attack. Thus, way improve security reduce its surface.
springer.com
colostate.edu 参考文章(8)
Brian P Bailey, Laura J Gurak, Joseph A Konstan, Trust in Cyberspace ,(1999)
J. Gray, A census of Tandem system availability between 1985 and 1990 IEEE Transactions on Reliability. ,vol. 39, pp. 409- 418 ,(1990) , 10.1109/24.58719
Butler Lampson, Martín Abadi, Michael Burrows, Edward Wobber, Authentication in distributed systems ACM Transactions on Computer Systems. ,vol. 10, pp. 265- 310 ,(1992) , 10.1145/138873.138874
Perry Wagle, Steve Beattie, Crispin Cowan, Seth Arnold, Chris Wright, Adam Shostack, Timing the Application of Security Patches for Optimal Uptime usenix large installation systems administration conference. pp. 233- 242 ,(2002)
I. Lee, R.K. Iyer, Faults, symptoms, and software fault tolerance in the Tandem GUARDIAN90 operating system FTCS-23 The Twenty-Third International Symposium on Fault-Tolerant Computing. pp. 20- 29 ,(1993) , 10.1109/FTCS.1993.627304
Hilary Browne William, William A Arbaugh, M John, William L Fithen, A trend analysis of exploitations ieee symposium on security and privacy. pp. 214- 229 ,(2001) , 10.1109/SECPRI.2001.924300
Andy Chou, Junfeng Yang, Benjamin Chelf, Seth Hallem, Dawson Engler, An empirical study of operating systems errors symposium on operating systems principles. ,vol. 35, pp. 73- 88 ,(2001) , 10.1145/502034.502042
Butler W. Lampson, Protection ACM SIGOPS Operating Systems Review. ,vol. 8, pp. 18- 24 ,(1974) , 10.1145/775265.775268