Click here for full text:
Towards an analytic model of security flaws
Tofts, Chris; Monahan, Brian
Keyword(s): security; models; flaws; branching process; analytic
Abstract: A simple model of the dynamics of flaws within a software security system is presented. We demonstrate how this model can be fully captured by a Galton- Watson branching process and thus can be effectively calculated upon. Using the limit behaviour of a Galton-Watson branching process, we can demonstrate how a multi-layered security system can become secure even with 'poor' flaw correction. Finally we make some observations about how the parameters of our models can be estimated and how further results from branching processes could be exploited within security systems.
Back to Index