Modeling Information Security
Discrete Event,System Dynamics Simulations, Intelligent Agents, Cellular Automata
Testing, User & Sys Admin Training, Vulnerability Assessment
Learning, Understanding of System
Trees, Matrices, Analytic Hierarchies
Risk Analysis,
Security Budget Allocation
Decision Making – evaluating alternatives against criteria
Linear&Dynamic Programming, Genetic Algorithms
Firewall Placement, Intrusion Detection
Optimization – locating the “best” subject to constraints
Neural Networks, Time Series, Regression
Intrusion Detection, Vulnerability Assessment
Prediction – using past data to predict future events
Methods
Example Application
Purpose
• Model the problem, the system, the world?
• Who is the target audience?
• Garbage in, Garbage out
Security models typically not used for “optimization” although can be. More often used for configuration, testing, learning