• Corpus ID: 2679804

MulVAL: A Logic-based Network Security Analyzer

@inproceedings{Ou2005MulVALAL,
  title={MulVAL: A Logic-based Network Security Analyzer},
  author={Xinming Ou and Sudhakar Govindavajhala and Andrew W. Appel},
  booktitle={USENIX Security Symposium},
  year={2005}
}
To determine the security impact software vulnerabilities have on a particular network, one must consider interactions among multiple network elements. For a vulnerability analysis tool to be useful in practice, two features are crucial. First, the model used in the analysis must be able to automatically integrate formal vulnerability specifications from the bug-reporting community. Second, the analysis must be able to scale to networks with thousands of machines. We show how to achieve… 
Topological Analysis of Multi-phase Attacks using Expert Systems
TLDR
A general logic-based framework for modeling network configurations and topologies is presented and a number of important and wide-spread network vulnerabilities are modeled as general inference rules based on the framework definitions.
Augmenting MulVAL with automated extraction of vulnerabilities descriptions
TLDR
A prototype tool that can parse vulnerability descriptions, as provided in the CVE, to retrieve relevant information for generating interaction rules that can be incorporated into an attack graph generation software allows for the attack graphs generated to be up-to-date with any recently discovered vulnerabilities.
Vulnerability Take Grant (VTG): An efficient approach to analyze network vulnerabilities
TLDR
A comprehensive approach to analyze network vulnerabilities in order to answer the safety problem focusing on vulnerabilities, using a graph-based model and the new concept of vulnerability rewriting rule to specify the requirements and consequences of exploiting vulnerabilities.
A Logic-Reasoning Approach to Network Security Analysis
TLDR
This paper proposes the logical exploitation graph, which directly illustrates logical dependencies among exploitation goals and network configuration, and builds upon LEG-NSA, a network security analyzer based on Prolog logic programming.
An Approach for Network Security Analysis Using Logic Exploitation Graph
  • Han-dong Mao, Weiming Zhang
  • Computer Science
    7th IEEE International Conference on Computer and Information Technology (CIT 2007)
  • 2007
TLDR
This paper proposes the logical exploitation graph, which directly illustrates logical dependencies among exploitation goals and network configuration, and demonstrates how to reason about all exploitation paths using bottom-up and top-down evaluation algorithms in the Prolog logic-programming engine.
An Improved Model for Analysis of Host Network Vulnerability
TLDR
The goal of this paper is to provide a framework, architecture, and an intelligent approach to vulnerability analysis by utilizing the concept of automated scanning tools.
Windows Access Control Demystified
In the Secure Internet Programming laboratory at Princeton University, we have been investigating network security management by using logic programming. We developed a rule based framework —
Vulnerability analysis of cyber security modelling language models using probabilistic logic
Computer systems are an essential asset of large companies such as banks, financial institutions, utility companies and telecommunication providers. Given their important roles for the functioning
Guide to Vulnerability Analysis for Computer Networks and Systems
  • A. Crampton
  • Computer Science
    Computer Communications and Networks
  • 2018
TLDR
The volume of research being performed into the use of artificial intelligence techniques in vulnerability assessment is increasing, and there is a need to provide a survey into the state of the art.

References

SHOWING 1-10 OF 32 REFERENCES
Model-Based Analysis of Configuration Vulnerabilities
TLDR
This paper demonstrates a new approach to vulnerability analysis based on model checking by modelling a simplified version of a UNIX-based system, and analyzing this system using model-checking techniques to identify nontrivial vulnerabilities.
Using model checking to analyze network vulnerabilities
TLDR
This work addresses the network vulnerabilities problem with test cases, which amount to attack scenarios, generated by a model checker, and encodes the vulnerabilities in a state machine description suitable for a model checker and asserts that an attacker cannot acquire a given privilege on a given host.
Chapter 5 TOPOLOGICAL ANALYSIS OF NETWORK ATTACK VULNERABILITY
To understand overall vulnerability to network attack, one must consider attacker exploits not just in isolation, but also in combination. That is, one must analyze how low-level vulnerabilities can
Automatic management of network security policy
  • J. Burns, A. Cheng, +5 authors D. M. Martin
  • Computer Science
    Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01
  • 2001
TLDR
The paper aims to reduce human involvement in network management by building a practical network reconfiguration system so that simple security policies stated as positive and negative invariants are upheld as the network changes.
Scalable, graph-based network vulnerability analysis
TLDR
This paper revisits the idea of attack graphs themselves, and argues that they represent more information explicitly than is necessary for the analyst, and proposes a more compact and scalable representation.
Automated generation and analysis of attack graphs
TLDR
This paper presents an automated technique for generating and analyzing attack graphs, based on symbolic model checking algorithms, letting us construct attack graphs automatically and efficiently.
Formal modeling of vulnerability
TLDR
This work developed and adopted a working definition of vulnerability, modeled security-related facts in simple propositional logic, constructed a graph of temporal dependencies among vulnerabilities, and analyzed the resulting graph visualization.
Firmato: A novel firewall management toolkit
TLDR
This paper presents Firmato, a firewall management toolkit, with the following distinguishing properties and components: an entity-relationship model containing, in a unified form, global knowledge of the security policy and of the network topology.
Rule Based Analysis of Computer Security
TLDR
A tool for improving the operational security of discretionary access control systems is described, a rule based system that knows about the behavior of the computer's software and the tricks used by attackers and deduces the set of privileges directly or indirectly accessible to each user.
NetKuang - A Multi-Host Configuration Vulnerability Checker
TLDR
NetKuang is an extension to Baldwin's SU-Kuang that runs on networks of computers using Unix and can find vulnerabilities created by poor system configuration and has found real vulnerabilities on production systems.