Comparison of Security Models: Attack Graphs versus Petri Nets
Abstract
Modeling of system and information security aims to facilitate formal representation and analysis of security, where vulnerabilities are identified and addressed. This chapter discusses the two categories of static and dynamic security models, as exemplified by attack graphs and Petri nets, respectively. Also discussed is the significant enhancement that results from extending these models to capture nondeterministic behavior, in stochastic attack graphs and stochastic Petri nets, respectively. The models are evaluated and compared with respect to (i) accuracy and (ii) potential for decision support, and Petri nets are found to be superior to attack graphs in both criteria.
Recommended Citation
S. C. White and S. Sedigh, "Comparison of Security Models: Attack Graphs versus Petri Nets," Advances in Computers, vol. 94, pp. 1 - 24, Elsevier, Nov 2014.
The definitive version is available at https://doi.org/10.1016/B978-0-12-800161-5.00001-3
Department(s)
Electrical and Computer Engineering
International Standard Book Number (ISBN)
978-0128001615
International Standard Serial Number (ISSN)
0065-2458
Document Type
Book - Chapter
Document Version
Citation
File Type
text
Language(s)
English
Rights
© 2014 Elsevier, All rights reserved.
Publication Date
01 Nov 2014
