A formal model for network-wide security analysis

被引:14
|
作者
Matousek, Petr [1 ]
Rab, Jaroslav [1 ]
Rysavy, Ondrej [1 ]
Sveda, Miroslav [1 ]
机构
[1] Brno Univ Technol, Fac Informat Technol, Brno 61266, Czech Republic
来源
FIFTEENTH IEEE INTERNATIONAL CONFERENCE AND WORKSHOPS ON THE ENGINEERING OF COMPUTER-BASED SYSTEMS, PROCEEDINGS | 2008年
关键词
D O I
10.1109/ECBS.2008.13
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Network designers perform challenging tasks with so many configuration options that it is often hard or even impossible for a human to predict all potentially dangerous situations. In this paper, we introduce a formal method approach for verification of security constraints on networks with dynamic routing protocols in use. A unifying model based on packet-filters is employed for modelling of network behaviour Over this graph model augmented with filtering rules over edges verification of reachability properties can be made. In our approach we also consider topology changes caused by dynamic routing protocols.
引用
收藏
页码:171 / 181
页数:11
相关论文
共 50 条
  • [1] Diagnosing Network Disruptions with Network-Wide Analysis
    Huang, Yiyi
    Feamster, Nick
    Lakhina, Anukool
    Xu, Jun
    [J]. SIGMETRICS'07: PROCEEDINGS OF THE 2007 INTERNATIONAL CONFERENCE ON MEASUREMENT & MODELING OF COMPUTER SYSTEMS, 2007, 35 (01): : 61 - 72
  • [2] Security clustering: A network-wide secure computing mechanism in pervasive computing
    Gu, J
    Park, S
    Nah, J
    Sohn, S
    Song, O
    [J]. NETWORKING 2004: NETWORKING TECHNOLOGIES, SERVICES, AND PROTOCOLS; PERFORMANCE OF COMPUTER AND COMMUNICATION NETWORKS; MOBILE AND WIRELESS COMMUNICATIONS, 2004, 3042 : 1326 - 1331
  • [3] Network-Wide Configuration Synthesis
    El-Hassany, Ahmed
    Tsankov, Petar
    Vanbever, Laurent
    Vechev, Martin
    [J]. COMPUTER AIDED VERIFICATION (CAV 2017), PT II, 2017, 10427 : 261 - 281
  • [4] Detecting Distributed Network Traffic Anomaly with Network-Wide Correlation Analysis
    Li Zonglin
    Hu Guangmin
    Yao Xingmiao
    Yang Dan
    [J]. EURASIP Journal on Advances in Signal Processing, 2009
  • [5] A Modified Network-Wide Road Capacity Reliability Analysis Model for Improving Transportation Sustainability
    Ji, Kui
    Ma, Jianxiao
    [J]. ALGORITHMS, 2021, 14 (01) : 1 - 14
  • [6] Detecting Distributed Network Traffic Anomaly with Network-Wide Correlation Analysis
    Li Zonglin
    Hu Guangmin
    Yao Xingmiao
    Yang Dan
    [J]. EURASIP JOURNAL ON ADVANCES IN SIGNAL PROCESSING, 2009,
  • [7] Formal integrated network security analysis tool: formal query-based network security configuration analysis
    Maity, Soumya
    Bera, P.
    Ghosh, Soumya K.
    Al-Shaer, Ehab
    [J]. IET NETWORKS, 2015, 4 (02) : 137 - 147
  • [8] Network-wide prediction of BGP routes
    Feamster, Nick
    Rexford, Jennifer
    [J]. IEEE-ACM TRANSACTIONS ON NETWORKING, 2007, 15 (02) : 253 - 266
  • [9] Seamless Network-Wide IGP Migrations
    Vanbever, Laurent
    Vissicchio, Stefano
    Pelsser, Cristel
    Francois, Pierre
    Bonaventure, Olivier
    [J]. ACM SIGCOMM COMPUTER COMMUNICATION REVIEW, 2011, 41 (04) : 314 - 325
  • [10] Cooperative Network-wide Flow Selection
    Basat, Ran Ben
    Einziger, Gil
    Tayh, Bilal
    [J]. 2020 IEEE 28TH INTERNATIONAL CONFERENCE ON NETWORK PROTOCOLS (IEEE ICNP 2020), 2020,
12345