Developing an empirical study of how qualified subjects might be selected for IT system security penetration testing
Abstract
This paper describes a planned program of investigation designed to determine what characteristics are signficant in predicting performance of students used as subjects in IT system penetration testing testbeds. In large part the experimental design replicates an earlier study by Jonsson et al., and extends that study to include factors describing the attacking subjects. In this way the proposed study is expected to be able to verify and further their work by collecting data on a larger population of subjects. Among others we expect to verify their hypothesis that to the stationary nature of the breaking-in process and the intrusion process during the standard attack phase is characterized by exponential distribution. Finally, the proposed study will be also usable for the purpose of evaluation of intrusion detection systems.
Full Text:
PDFDOI: http://dx.doi.org/10.17951/ai.2004.2.1.414-424
Date of publication: 2015-01-04 00:00:00
Date of submission: 2016-04-27 10:11:24
Statistics
Total abstract view - 535
Downloads (from 2020-06-17) - PDF - 0
Indicators
Refbacks
- There are currently no refbacks.
Copyright (c) 2015 Annales UMCS Sectio AI Informatica
This work is licensed under a Creative Commons Attribution 4.0 International License.