On the modelling of preventive security based on a PC network intrusion experiment

  • Ulf Gustafson
  • Erland Jonsson
  • Tomas Olovsson
Session 7: Security Models and Intrusion Detection
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1172)


This paper describes a realistic intrusion experiment intended to investigate whether such experiments can yield data suitable for use in quantitative modelling of preventive security, which denotes the system's ability to protect itself from external intrusions. The target system was a network of Personal Computer clients connected to a server. A number of undergraduate students served as attackers and continuously reported relevant data with respect to their intrusion activities. This paper briefly describes the experiment and presents a compilation of all the types of data recorded. A first interpretation and classification of the data are made, and its possible use for modelling purposes is discussed. Summaries of breach parameters and a number of informtive diagrams and tables reflecting the intrusion process are presented.


Security Vulnerability Intrusion Experimentation Modelling 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    C. R. Attanasio. P. Markstein and R. J. Phillips: Penetrating an Operating System: A Study of VM/370 Integrity, IBM Systems J., 15 (1), pp. 102–16, 1976.Google Scholar
  2. [2]
    S. Brocklehurst, B. Littlewood, T. Olovsson and E. Jonsson: On Measurement of Operational Security, in COMPASS 94 (9th Annual IEEE Conference on Computer Assurance), (Gaithersburg), pp. 257–66, IEEE Computer Society, 1994.Google Scholar
  3. [3]
    D. E. Denning: An Intrusion-Detection model, IEEE Trans. Software Engineering, 12 (2), pp. 222–32, 1987.Google Scholar
  4. [4]
    P. D. Goldis: Questions and Answers about Tiger Team, EDPACS, The EDP Audit, Control and Security Newsletter, October 1989, Vol XVII, No. 4.Google Scholar
  5. [5]
    U. Gustafson, E. Jonsson, T. Olovsson: Security Evaluation of a PC Network based on Intrusion Experiments. In the Proceedings of the 14th International Congress on Computer and Communications Security, SECURICOM '96, 4–6 June 1996, Paris, France.Google Scholar
  6. [6]
    I. S. Herschberg: Make the Tigers Hunt for You, Computers and Security, 7, pp. 197–203, 1988.Google Scholar
  7. [7]
    Information Technology Security Evaluation Criteria (ITSEC), Provisional Harmonized Criteria, December 1993. ISBN 92-826-7024-4.Google Scholar
  8. [8]
    E. Jonsson, T. Olovsson: On the Integration of Security and Dependability in Computer Systems, IASTED International Conference on Reliability, Quality Control and Risk Assessment, Washington, Nov. 4–6, 1992. ISBN 0-88986-171-4, pp. 93–97.Google Scholar
  9. [9]
    E. Jonsson, M. Andersson: On the Quantitative Assessment of Behavioural Security. Presented at the Australasian Conference on Information Security and Privacy, 24–26 june 1996, Wollongong, Australia.Google Scholar
  10. [10]
    E. Jonsson, T. Olovsson: An Empirical Model of the Security Intrusion Process. In the Proceedings of the 11th Annual IEEE Conference on Computer Assurance, COMPASS '96, 17–21 June 1996, Gaithersburg, Maryland, USA.Google Scholar
  11. [11]
    B. Littlewood, S. Brocklehurst, N.E. Fenton, P. Mellor, S. Page, D. Wright, J.E. Dobson, J.A. McDermid and D. Gollmann: Towards operational measures of computer security, Journal of Computer Security, vol. 2, no. 3. 1994.Google Scholar
  12. [12]
    T. Olovsson, E. Jonsson, S. Brocklehurst, B. Littlewood: Towards Operational Measures of Computer Security: Experimentation and Modelling, in Predictably Dependable Computing Systems (editor B. Randell et al.), Springer Verlag, ISBN 3-540-59334-9, 1995.Google Scholar
  13. [13]
    Trusted Computer System Evaluation Criteria (“Orange Book”), National Computer Security Center, Department of Defense, No DOD 5200.28.STD, 1985.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1996

Authors and Affiliations

  • Ulf Gustafson
    • 1
  • Erland Jonsson
    • 1
  • Tomas Olovsson
    • 1
  1. 1.Department of Computer EngineeringChalmers University of TechnologyGöteborgSweden

Personalised recommendations