Sciweavers

ACSAC
2002
IEEE

Representing TCP/IP Connectivity For Topological Analysis of Network Security

14 years 5 months ago
Representing TCP/IP Connectivity For Topological Analysis of Network Security
The individual vulnerabilities of hosts on a network can be combined by an attacker to gain access that would not be possible if the hosts were not interconnected. Currently available tools report vulnerabilities in isolation and in the context of individual hosts in a network. Topological vulnerability analysis (TVA) extends this by searching for sequences of interdependent vulnerabilities, distributed among the various network hosts. Model checking has been applied to the analysis of this problem with some interesting initial result. However previous efforts did not take into account a realistic representation of network connectivity. These models were enough to demonstrate the usefulness of the model checking approach but would not be sufficient to analyze real-world network security problems. This paper presents a modem of network connectivity at multiple levels of the TCP/IP stack appropriate for use in a model checker. With this enhancement, it is possible to represent realistic...
Ronald W. Ritchey, Brian O'Berry, Steven Noel
Added 14 Jul 2010
Updated 14 Jul 2010
Type Conference
Year 2002
Where ACSAC
Authors Ronald W. Ritchey, Brian O'Berry, Steven Noel
Comments (0)