Security Risk Assessment of Server Hardware Architectures using Graph Analysis

被引:0
|
作者
Koteshwara, Sandhya [1 ]
机构
[1] IBM TJ Watson Res Ctr, Yorktown Hts, NY 10598 USA
来源
PROCEEDINGS OF THE 2021 ASIAN HARDWARE ORIENTED SECURITY AND TRUST SYMPOSIUM (ASIANHOST) | 2021年
关键词
Hardware Security; Security Risk Assessment; Hard-ware Security Metrics;
D O I
10.1109/ASIANHOST53231.2021.9699554
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
The growing complexity of server architectures, which incorporate several components with state, has necessitated rigorous assessment of the security risk both during design and operation. In this paper, we propose a novel technique to model the security risk of servers by mapping their architectures to graphs. This allows us to leverage tools from computational graph theory, which we combine with probability theory for deriving quantitative metrics for risk assessment. Probability of attack is derived for server components, with prior probabilities assigned based on knowledge of existing vulnerabilities and countermeasures. The resulting analysis is further used to compute measures of impact and exploitability of attack. The proposed methods are demonstrated on two open-source server designs with different architectures.
引用
收藏
页数:4
相关论文
共 50 条
  • [41] Performance and reliability analysis of web server software architectures
    Gokhale, Swapna S.
    Vandal, Paul J.
    Lu, Jijun
    [J]. 12TH PACIFIC RIM INTERNATIONAL SYMPOSIUM ON DEPENDABLE COMPUTING, PROCEEDINGS, 2006, : 351 - +
  • [42] SECURITY ARCHITECTURES USING FORMAL METHODS
    BOYD, C
    [J]. IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, 1993, 11 (05) : 694 - 701
  • [43] Investment Risk and Energy Security Assessment of European Union Countries Using Multicriteria Analysis
    Kozlowska, Justyna
    Benvenga, Marco Antonio
    Naas, Irenilza de Alencar
    [J]. ENERGIES, 2023, 16 (01)
  • [44] The analysis of uncertainty of network security risk assessment using Dempster-Shafer theory
    Gao, Huisheng
    Zhu, Jing
    Li, Congcong
    [J]. PROCEEDINGS OF THE 2008 12TH INTERNATIONAL CONFERENCE ON COMPUTER SUPPORTED COOPERATIVE WORK IN DESIGN, VOLS I AND II, 2008, : 754 - +
  • [45] A Security Analysis for Home Gateway Architectures
    Parrend, Pierre
    Frenot, Stephane
    [J]. PROCEEDINGS OF WORLD ACADEMY OF SCIENCE, ENGINEERING AND TECHNOLOGY, VOL 16, 2006, 16 : 291 - 296
  • [46] A Security Vulnerability Analysis of SoCFPGA Architectures
    Chaudhuri, Sumanta
    [J]. 2018 55TH ACM/ESDA/IEEE DESIGN AUTOMATION CONFERENCE (DAC), 2018,
  • [47] Analysis of Three Multilevel Security Architectures
    Levin, Timothy E.
    Irvine, Cynthia E.
    Weissman, Clark
    Nguyen, Thuy D.
    [J]. CSAW'07: PROCEEDINGS OF THE 2007 ACM COMPUTER SECURITY ARCHITECTURE WORKSHOP, 2007, : 37 - 46
  • [48] An approach for network security analysis using logic exploitation graph
    Mao, Han-dong
    Zhang, Wei-Ming
    Feng, Chen
    [J]. 2007 CIT: 7TH IEEE INTERNATIONAL CONFERENCE ON COMPUTER AND INFORMATION TECHNOLOGY, PROCEEDINGS, 2007, : 761 - +
  • [49] Analysis of Complex Networks for Security Issues using Attack Graph
    Musa, Tanvirali
    Yeo, Kheng Cher
    Azam, Sarni
    Shanmugam, Bharanidharan
    Karim, Asif
    De Boer, Friso
    Nur, Fernaz Narin
    Faisal, Fahad
    [J]. 2019 INTERNATIONAL CONFERENCE ON COMPUTER COMMUNICATION AND INFORMATICS (ICCCI - 2019), 2019,
  • [50] Security architectures and analysis for content adaptation
    Zeng, WJ
    Lan, JQ
    Zhuang, XH
    [J]. SECURITY, STEGANOGRAPHY, AND WATERMARKING OF MULTIMEDIA CONTENTS VII, 2005, 5681 : 84 - 95
12345