Open AccessMultifactor Violator Model. Condition-factors and Resource-factors
Author(s) -
Oleksandr Kireienko
Publication year - 2020
Publication title -
european journal of electrical engineering and computer science
Language(s) - English
Resource type - Journals
ISSN - 2736-5751
DOI - 10.24018/ejece.2020.4.2.196
Subject(s) - resource (disambiguation) , set (abstract data type) , business , computer security , environmental economics , computer science , economics , computer network , programming language
Attack scenarios with limitations were investigated. Resource-factors and condition-factors were set as two types of limitations. Resource-factors are spent at each step of attack and can be replenished completely or partially if a given attack step was successful. A situation, where successful completion of current step with one or more preceding ones is required to replenish resource-factors, is possible. After each step of attack the violator can “exchange” resource-factors to accumulate the required amount of those factors for the next step. The lack of the required amount of resource-factors may either forcefully interrupt an attack or to lower success probability or reduce the time required by protection side to discover the consequences of an attack. This article doesn’t consider the change of relative cost of resource-factors, that is caused by urgency, so that all resource-factors have fixed cost regardless of violator’s reserve of these resource-factors.
Conditions-factors are fixed limitations for conducting an attack. Discrepancy of condition-factors makes it impossible to either start an attack or to finish the current attack’s step. In certain cases the lack in one condition-factor can be compensated with excess of another condition-factor or via spending additional resource-factors.
The influence on resource-factors and condition-factors is laid as a basis of protection strategies. The strategy of increasing the values of condition-factors for violator decreases the total amount of attacks on a system by screening beginner violators. The threat level from groups of violators and from experienced violators will remain unchanged. The strategy of increasing the rate of resource-factors spending is designed to interrupt attacks in progress. Strategy of decreasing the amount of resource-factors that can be replenished after successful completion of certain steps of attack scenario is meant to decrease violator’s interest in attacking specifically our system and to decrease the chances of attack repetition if an attack occurred.