A Probabilistic Cost-efficient Approach for Mobile Security Assessment

Martín Barrère 1, * Gaëtan Hurel 1 Rémi Badonnel 1 Olivier Festor 1
* Auteur correspondant
1 MADYNES - Management of dynamic networks and services
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
Abstract : The development of mobile technologies and services has contributed to the large-scale deployment of smartphones and tablets. These environments are exposed to a wide range of security attacks and may contain critical information about users such as contact directories and phone calls. Assessing configuration vulnerabilities is a key challenge for maintaining their security, but this activity should be performed in a lightweight manner in order to minimize the impact on their scarce resources. In this paper we present a novel approach for assessing configuration vulnerabilities in mobile devices by using a probabilistic cost-efficient security framework. We put forward a probabilistic assessment strategy supported by a mathematical model and detail our assessment framework based on OVAL vulnerability descriptions. We also describe an implementation prototype and evaluate its feasibility through a comprehensive set of experiments.
Type de document :
Communication dans un congrès
IFIP/IEEE International Conference on Network and Service Management (CNSM'13), Oct 2013, Zurich, Switzerland. 2013
Liste complète des métadonnées

Littérature citée [14 références]  Voir  Masquer  Télécharger
https://hal.inria.fr/hal-00875219
Contributeur : Martín Barrère <>
Soumis le : lundi 21 octobre 2013 - 14:27:30
Dernière modification le : jeudi 7 février 2019 - 17:34:47
Document(s) archivé(s) le : vendredi 7 avril 2017 - 14:08:42

Fichier

Barrere-CNSM-2013.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-00875219, version 1

Collections

INRIA | UNIV-LORRAINE | LORIA-NSS | LORIA

Citation

Martín Barrère, Gaëtan Hurel, Rémi Badonnel, Olivier Festor. A Probabilistic Cost-efficient Approach for Mobile Security Assessment. IFIP/IEEE International Conference on Network and Service Management (CNSM'13), Oct 2013, Zurich, Switzerland. 2013. 〈hal-00875219〉

Exporter

BibTeX TEI DC DCterms EndNote

Partager

Métriques

Consultations de la notice

643

Téléchargements de fichiers

2643

Contact


archive-ouverte@inria.fr