On the modelling of preventive security based on a PC network intrusion experiment
Paper i proceeding, 1996

This paper describes a realistic intrusion experiment intended to investigate whether such experiments can yield data suitable for use in quantitative modelling of preventive security, which denotes the system's ability to protect itself from external intrusions. The target system was a network of Personal Computer clients connected to a server. A number of undergraduate students served as attackers and continuously reported relevant data with respect to their intrusion activities. This paper briefly describes the experiment and presents a compilation of all the types of data recorded. A first interpretation and classification of the data are made, and its possible use for modelling purposes is discussed. Summaries of breach parameters and a number of informtive diagrams and tables reflecting the intrusion process are presented.

security assessment

intrusion experiment



Ulf Gustafson

Erland Jonsson

Institutionen för datorteknik

Tomas Olovsson

Institutionen för datorteknik

ACISP '96 Proceedings of the First Australasian Conference on Information Security and Privacy

Vol. 1172 242-252





Informations- och kommunikationsteknik