Automatická analýza síťové bezpečnosti
MATOUŠEK Petr. Automatická analýza síťové bezpečnosti. Brno, 2007.
Automated Network-Wide Security Analysis
Matoušek Petr, Ing., Ph.D., M.A. (DIFS FIT BUT)
network analysis, formal verification, packet classification, traffic filtering, decision diagrams
LAN and WAN networks are composed of active device their connections. The nodes make a network topology. If network topology and configuration of the nodes is well described (or automatically derived) we can predict behaviour of the converged network. The behaviour can be analyzed by similar methods that are frequently used for analysis of program and timed systems, e.g. static analysis, model checking etc. Using these techniques different properties of the system can be analyzed - reachability, safety etc. Our seminary talk will discuss the possibility of automated network-wide analysis from perspective of security. We show how formal approach can be exploited to verify behaviour of the network.