Developing an empirical study of how qualified subjects might be selected for IT system security penetration testing

L.m. Guard, M.d. Crossland, Marcin Paprzycki, J.p. Thomas

Abstract


This paper describes a planned program of investigation designed to determine what characteristics are signficant in predicting performance of students used as subjects in IT system penetration testing testbeds. In large part the experimental design replicates an earlier study by Jonsson et al., and extends that study to include factors describing the attacking subjects. In this way the proposed study is expected to be able to verify and further their work by collecting data on a larger population of subjects. Among others we expect to verify their hypothesis that to the stationary nature of the breaking-in process and the intrusion process during the standard attack phase is characterized by exponential distribution. Finally, the proposed study will be also usable for the purpose of evaluation of intrusion detection systems.

Full Text:

PDF


DOI: http://dx.doi.org/10.17951/ai.2004.2.1.414-424
Date of publication: 2015-01-04 00:00:00
Date of submission: 2016-04-27 10:11:24


Statistics


Total abstract view - 469
Downloads (from 2020-06-17) - PDF - 0

Indicators



Refbacks

  • There are currently no refbacks.


Copyright (c) 2015 Annales UMCS Sectio AI Informatica

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.