Comparison of Security Models
Attack Graphs Versus Petri Nets
Steven C. White; Sahra Sedigh Sarvestani Department of Electrical and Computer Engineering, Missouri University of Science and Technology, Rolla, Missouri, USA
Abstract
Modeling of system and information security aims to facilitate formal representation and analysis of security, where vulnerabilities are identified and addressed. This chapter discusses the two categories of static and dynamic security models, as exemplified by attack graphs and Petri nets, respectively. Also discussed is the significant enhancement that results from extending these models to capture nondeterministic behavior, in stochastic attack graphs and stochastic Petri nets, respectively. The ...