Title :
An Approach for Automated Network-Wide Security Analysis
Author :
Sveda, Miroslav ; Rysavy, Ondrej ; Matousek, Petr ; Rab, Jaroslav
Author_Institution :
Fac. of Inf. Technol., Brno Univ. of Technol., Brno, Czech Republic
Abstract :
This paper deals with an approach to security analysis of TCP/IP-based computer networks. The method developed stems from a formal model of network topology with changing link states, and deploys bounded model checking of network security properties supported by a SAT-based decision procedure. Its implementation should consist of a set of tools that can provide automatic analysis of router configurations, network topologies, and states with respect to checked properties. While this project aims at supporting real practice, it stems from the previous, more theoretical research designing the method in detail, including its formal background.
Keywords :
computer network security; telecommunication network topology; transport protocols; SAT-based decision procedure; TCP/IP-based computer networks; automated network-wide security analysis; bounded model checking; formal model; network security properties; network topology; Computer security; Data security; IP networks; Information analysis; Information filtering; Information filters; Information security; Network topology; Protection; Web server; SAT-based decision procedure; TCP/IP networks; bounded model-checking; changing network topology; network security analysis;
Conference_Title :
Networks (ICN), 2010 Ninth International Conference on
Conference_Location :
Menuires
Print_ISBN :
978-1-4244-6083-0
DOI :
10.1109/ICN.2010.69