Sammendrag
We describe a game-theoretic method to compute the
probabilities of expected attacker behavior, and we demonstrate
how these probabilities can be incorporated in the
transition rate matrix of a stochastic model for operational
security assessment. The game-theoretic method is based
on a reward concept, which considers the effect of successful
attacks, as well as the possible cost of detection
when computing the expected attacker strategy. Our method
aims to fill an important gap in the application of reliability
methodology to security evaluation. To demonstrate the
usability of the method in different threat environments, an
illustrative example is provided.
Vis fullstendig beskrivelse