Title :
Host-Centric Model Checking for Network Vulnerability Analysis
Author :
Hewett, Rattikorn ; Kijsanayothin, Phongphun
Author_Institution :
Dept. of Comput. Sci., Texas Tech Univ., Abilene, TX
Abstract :
Research has successfully applied model checking, a formal verification technique, to automatically generate chains of vulnerability exploits that an attacker can use to reach his goal. Due to the combinatorial explosion of the chain generation problem space, model checkers do not scale well to networks containing a large number of hosts. This paper proposes a methodology that uses a host-centric modeling approach together with a monotonicity assumption to alleviate the scalability problem of model checkers. We describe the proposed approach, its limitations, and show how it can reduce the time complexity of chain generation to a quadratic polynomial of the number of hosts, both theoretically and empirically. We also compare its advantages over similar customized graph-based approaches.
Keywords :
computational complexity; formal verification; security of data; chain generation problem space; formal verification; host-centric model checking; network vulnerability analysis; quadratic polynomial; scalability problem; time complexity; Application software; Computer science; Computer security; Counting circuits; Explosions; Logic testing; Network servers; Polynomials; Scalability; Tree graphs;
Conference_Titel :
Computer Security Applications Conference, 2008. ACSAC 2008. Annual
Conference_Location :
Anaheim, CA
Print_ISBN :
978-0-7695-3447-3
DOI :
10.1109/ACSAC.2008.15
