scispace - formally typeset
Search or ask a question

Showing papers on "Vulnerability (computing) published in 1988"


Proceedings ArticleDOI
23 Oct 1988
TL;DR: A framework for a developing network vulnerability assessment methodology is described, and an original network taxonomy is used to orient the analyst to the new network and to assess the potential vulnerability issues.
Abstract: A framework for a developing network vulnerability assessment methodology is described. An original network taxonomy is used to orient the analyst to the new network and to assess the potential vulnerability issues. Four network characteristics are used, as in data link vulnerability analysis susceptibility; interceptability; accessibility; and feasibility. Susceptibility issues are pursued in terms of three perspectives: topology; communication protocols; and management and control. The concept of layers, as in the open systems interconnection reference model, is used to deal with the protocol susceptibilities. Security of network control data, to deny spoofing, is included. >

15 citations


Journal ArticleDOI
01 Mar 1988-Networks
TL;DR: Two indices measuring the degree of influence of an edge on the vulnerability of the network in the above sense are proposed and their properties are studied in this paper.
Abstract: The concept of vulnerability of a network, by which we mean the susceptibility of the network to attack, is very useful for the design of networks such as computer networks and communication networks. In this paper, a directed flow network, in which a nonnegative real number called edge capacity or capacity is associated with each edge is considered. If an edge in a network is destroyed, the value of maximum flow between two vertices in the network is decreased in general. If the decrease of the value of maximum flow by the destruction is large, the degree of influence of the edge on the vulnerability of the network is considered to be large. Two indices measuring the degree of influence of an edge on the vulnerability in the above sense are proposed and their properties are studied in this paper. Furthermore, the two indices are generalized to functions measuring the degree of influence of an edge on the vulnerability in a network.

14 citations


Journal ArticleDOI
Cliff Stoll1
TL;DR: The vulnerability of nodes on the Milnet and (by extrapolation) civilian computers to a particular type of attack: an outsider who attempts to log in by guessing at commonly used account name/password combinations is estimated.

7 citations


Proceedings ArticleDOI
07 Jun 1988
TL;DR: The authors discuss aspect-operator-test graphs, a method for representing and evaluating engineering tasks, and apply them to power system security assessment, and show that their greatest weakness is their complete lack of clearly articulated, readily applicable, quality assurance tests.
Abstract: The authors discuss aspect-operator-test graphs, a method for representing and evaluating engineering tasks, and apply them to power system security assessment. The result indicates where research is most needed. An analysis of existing practices for short-term security assessment shows that their greatest weakness is their complete lack of clearly articulated, readily applicable, quality assurance tests. Second in the list of deficiencies is the variation of aspect population densities over the security assessment task. Last on the list are the algorithmic screening procedures used by many short-term assessment schemes to produce a worst-case list of contingencies. >

6 citations


Journal ArticleDOI
TL;DR: The theory of intercontinental ballistic missile (ICBM) silo vulnerability is reviewed, and the present and probable future (mid‐1990s) vulnerability of US silos is analyzed.
Abstract: The theory of intercontinental ballistic missile (ICBM) silo vulnerability is reviewed, and the present and probable future (mid‐1990s) vulnerability of US silos is analyzed. The analysis emphasizes methodology, sources of information, and uncertainties. US ICBMs might still be survivable today but they will certainly be vulnerable to ICBM attack, and perhaps even to submarine‐launched ballistic missile attack, by the mid‐1990s. These calculations are presented not only for their immediate importance but also to introduce other physicists to some of the quantitative methods that can be used to analyze international security topics.

3 citations


01 Feb 1988
TL;DR: A high-resolution modeling environment which supports the symposium theme of The Total System Approach to Combat Survivability is described, being rapidly expanded and is characterized by the following major features: A powerful geometric modeling environment.
Abstract: : The vulnerability of a combat system is an assessment of its susceptibility to damage, given a specific encounter with a particular threat. By contrast, system survivability can be taken to be the examination of all performance parameters which affect its availability to perform an assigned mission. Thus survivability subsumes vulnerability with the addition of many other factors. Some of the system parameters contributing to survivability are: Mobility; Agility; NBC Protection; Detection Probabilities: Magnetic; Acoustic; Optical; Infrared; and Centimeter waves/millimeter waves; and Conventional Vulnerability. The theme of this Symposium is The Total System Approach to Combat Survivability. Such an approach, therefore, requires a broad set of analytic tools which permit a system to be analyzed from many aspects with a consistent set of inputs. The aim of this paper is to describe a high-resolution modeling environment which supports the symposium theme; this environment is being rapidly expanded and is characterized by the following major features: 1) A powerful geometric modeling environment; 2) A set of flexible routines for geometric interrogation; 3) A set of analytic modules which extend across many of the disciplines which are a theme of this conference; 4) A link to Finite Element Mesh (FEM) generation; and 5) Support of above tools in a consistent, portable UNIX environment. (KR)

2 citations