Model-Based Vulnerability Assessment of Self-Adaptive Protection Systems

  • Ricardo J. Rodríguez
  • Stefano Marrone
Conference paper
Part of the Studies in Computational Intelligence book series (SCI, volume 616)


Security mechanisms are at the base of modern computer systems, demanded to be more and more reactive to changing environments and malicious intentions. Security policies unable to change in time are destined to be exploited and thus, system security compromised. However, the ability to properly change security policies is only possible once the most effective mechanism to adopt under specific conditions is known. To accomplish this goal, we propose to build a vulnerability model of the system by means of a model-based, layered security approach, then used to quantitatively evaluate the best protection mechanism at a given time and hence, to adapt the system to changing environments. The evaluation relies on the use of a powerful, flexible formalism such as Dynamic Bayesian Networks.


  1. 1.
    Devanbu, P.T., Stubblebine, S.: Software engineering for security: a roadmap. In: Proceedings of the Conference on The Future of Software Engineering, ICSE’00, New York, pp. 227–239. ACM (2000)Google Scholar
  2. 2.
    Rodríguez, R.J., Trubiani, C., Merseguer, J.: Fault-tolerant techniques and security mechanisms for model-based performance prediction of critical systems. In: Proceedings of the 3rd ISARCS, pp. 21–30. ACM (2012)Google Scholar
  3. 3.
    de Lemos, R., et al.: Software engineering for self-adaptive systems: a second research roadmap. Software Engineering for Self-adaptive Systems II. Volume 7475 of Lecture Notes in Computer Science, pp. 1–32. Springer, Berlin (2013)Google Scholar
  4. 4.
    NIPP 2013-Partnering for Critical Infrastructure Security and Resilience. U.S. D.H.S., Technical report (2013)Google Scholar
  5. 5.
    Perez-Palacin, D., Mirandola, R., Merseguer, J.: On the relationships between QoS and software adaptability at the architectural level. J. Syst. Softw. 87, 1–17 (2014)CrossRefGoogle Scholar
  6. 6.
    Dean, T., Kanazawa, K.: A model for reasoning about persistence and causation. Comput. Intell. 5(2), 142–150 (1989)CrossRefGoogle Scholar
  7. 7.
    Macdonald, D., Clements, S., Patrick, S., Perkins, C., Muller, G., Lancaster, M., Hutton, W.: Cyber/physical security vulnerability assessment integration. In: Innovative Smart Grid Technologies (ISGT), 2013 IEEE PES., February 2013, pp. 1–6Google Scholar
  8. 8.
    Garcia, M.L.: Vulnerability Assessment of Physical Protection Systems, 1st edn. Butterworth-Heinemann (2005)Google Scholar
  9. 9.
    Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Information Security and Cryptology–ICISC 2005, 8th International Conference, Seoul, Korea, 1–2 December 2005, pp. 186–198, Revised Selected Papers (2005)Google Scholar
  10. 10.
    Bistarelli, S., Fioravanti, F., Peretti, P., Santini, F.: Evaluation of complex security scenarios using defense trees and economic indexes. J. Exp. Theor. Artif. Intell. 24(2), 161–192 (2012)CrossRefGoogle Scholar
  11. 11.
    Zonouz, S.A., Khurana, H., Sanders, W.H., Yardley, T.M.: RRE: a game-theoretic intrusion response and recovery engine. IEEE Trans. Parallel Distrib. Syst. 25(2), 395–406 (2014)CrossRefGoogle Scholar
  12. 12.
    Ficco, M.: Security event correlation approach for cloud computing. Int. J. High Perform. Comput. Netw. 7(3), 173–185 (2013). SeptemberGoogle Scholar
  13. 13.
    Flammini, F., Marrone, S., Mazzocca, N., Vittorini, V.: Petri net modelling of physical vulnerability. Critical Information Infrastructure Security. Volume 6983 of LNCS, pp. 128–139. Springer, Berlin (2013)Google Scholar
  14. 14.
    Xie, P., Li, J.H., Ou, X., Liu, P., Levy, R.: Using Bayesian networks for cyber security analysis. In: 2010 IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), June 2010, pp. 211–220Google Scholar
  15. 15.
    Frigault, M., Wang, L., Singhal, A., Jajodia, S.: Measuring network security using dynamic Bayesian network. In: Proceedings of the 4th ACM Workshop on Quality of Protection, QoP’08, New York, pp. 23–30. ACM (2008)Google Scholar
  16. 16.
    Tang, K., Zhou, M.T., Wang, W.Y.: Insider cyber threat situational awareness framwork using dynamic Bayesian networks. In: Proceedings of the 4th International Conference on Computer Science Education (ICCSE), pp. 1146–1150, July 2009Google Scholar
  17. 17.
    OMG: Unified Modelling Language: Superstructure. Object Management Group, August 2011. Version 2.4, formal/11-08-05Google Scholar
  18. 18.
    Chakravarthy, S., Mishra, D.: Snoop: an expressive event specification language for active databases. Data Knowl. Eng. 14(1), 1–26 (1994)CrossRefGoogle Scholar
  19. 19.
    Flammini, F., Marrone, S., Mazzocca, N., Pappalardo, A., Pragliola, C., Vittorini, V.: Trustworthiness evaluation of multi-sensor situation recognition in transit surveillance scenarios. In: Security Engineering and Intelligence Informatics. Volume 8128 of Lecture Notes in Computer Science, pp. 442–456 (2013)Google Scholar
  20. 20.
    Casey, E.: Case study: network intrusion investigation—lessons in forensic preparation. Digit. Investig. 2(4), 254–260 (2005)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. 1.University of LeónLeonSpain
  2. 2.DiMat, Seconda Università di NapoliNapoliItaly

Personalised recommendations