View article

This paper proposes a novel approach to help computing system administrators in monitoring the security of their systems. This approach is based on modeling the system as a privilege graph exhibiting operational security vulnerabilities and on transforming this privilege graph into a Markov chain corresponding to all possible successful attack scenarios. A set of tools has been developed to generate automatically the privilege graph of a Unix system, to transform it into the corresponding Markov chain and to compute characteristic measures of the operational system security.