This thesis presents a new approach for quantitative security evaluation for computer systems. The main objective of this work is to define and evaluate several quantitative measures. These measures are probabilistic and aim at quantifying the environment influence on the computer system security considering vulnerabilities. Initially, we identified the three factors that have a high influence on system state: 1) the vulnerability life cycle, 2) the attacker behaviour and 3) the administrator behaviour. We studied these three factors and their interdependencies and distinguished two main scenarios based on nature of vulnerability discovery, i.e. malicious or non malicious. This step allowed us to identify the different states of the system ...
The threat caused by software vulnerabilities is growing exponentially. This phenomenon is due, on t...
2016 Summer.Includes bibliographical references.Most of the attacks on computer systems and networks...
Modern bug-finding techniques have become effective enough that the bottleneck is not finding bugs b...
This thesis presents a new approach for quantitative security evaluation for computer systems. The m...
Cette thèse présente une nouvelle approche pour l évaluation quantitative de la sécurité des système...
This dissertation presents a general method for the specification and quantitative evaluation of inf...
National audienceLes travaux présentés dans cet article sont consacrés à la sécurisation des système...
Current computing systems have to protect the data they hold and to fit easily into versatile workin...
International audienceThe objective of this work is the evaluation of information systems security u...
The research summarized in this report focuses on the dependability of computer systems. It addresse...
La menace posée par les vulnérabilités logicielles croît de manière exponentielle. Ce phénomèneest d...
International audienceLes travaux présentés dans cet article sont consacrés à la sécurisation des sy...
Nowadays, computer networks are used in many fields and their breakdown can strongly impact our dail...
Modern systems transition towards more connected, information and communication technologies (ICT) h...
The threat caused by software vulnerabilities is growing exponentially. This phenomenon is due, on t...
2016 Summer.Includes bibliographical references.Most of the attacks on computer systems and networks...
Modern bug-finding techniques have become effective enough that the bottleneck is not finding bugs b...
This thesis presents a new approach for quantitative security evaluation for computer systems. The m...
Cette thèse présente une nouvelle approche pour l évaluation quantitative de la sécurité des système...
This dissertation presents a general method for the specification and quantitative evaluation of inf...
National audienceLes travaux présentés dans cet article sont consacrés à la sécurisation des système...
Current computing systems have to protect the data they hold and to fit easily into versatile workin...
International audienceThe objective of this work is the evaluation of information systems security u...
The research summarized in this report focuses on the dependability of computer systems. It addresse...
La menace posée par les vulnérabilités logicielles croît de manière exponentielle. Ce phénomèneest d...
International audienceLes travaux présentés dans cet article sont consacrés à la sécurisation des sy...
Nowadays, computer networks are used in many fields and their breakdown can strongly impact our dail...
Modern systems transition towards more connected, information and communication technologies (ICT) h...
The threat caused by software vulnerabilities is growing exponentially. This phenomenon is due, on t...
2016 Summer.Includes bibliographical references.Most of the attacks on computer systems and networks...
Modern bug-finding techniques have become effective enough that the bottleneck is not finding bugs b...