Detail výsledku
An Approach for Automated Network-Wide Security Analysis
Ryšavý Ondřej, doc. Ing., Ph.D., UIFS (FIT)
Matoušek Petr, doc. Ing., Ph.D., M.A., UIFS (FIT)
Ráb Jaroslav, Ing., UIFS (FIT)
This paper deals with an approach to security analysis of TCP/IP-based computer networks. The method developed stems from a formal model of network topology with changing link states, and deploys bounded model checking of network security properties supported by SAT-based decision procedure. Its implementation should consist of a set of tools that can provide automatic analysis of router configurations, network topologies, and states with respect to checked properties. While this project aims at supporting a real practice, it stems from the previous, more theoretical research designing the method in detail including its formal background.
TCP/IP networks; changing network topology; network security analysis; bounded model-checking; SAT-based decision procedure
@inproceedings{BUT34733,
author="Miroslav {Švéda} and Ondřej {Ryšavý} and Petr {Matoušek} and Jaroslav {Ráb}",
title="An Approach for Automated Network-Wide Security Analysis",
booktitle="Proceedings of the Ninth International Conference on Networks ICN 2010",
year="2010",
pages="294--299",
publisher="IEEE Computer Society",
address="Les Menuires",
isbn="978-0-7695-3979-9",
url="https://www.fit.vut.cz/research/publication/9191/"
}Bezpečné, spolehlivé a adaptivní počítačové systémy, VUT, Vnitřní projekty VUT, FIT-S-10-1, zahájení: 2010-03-01, ukončení: 2010-12-31, ukončen
Bezpečnost a zabezpečení aplikací sítí vestavěných systémů, GAČR, Standardní projekty, GA102/08/1429, zahájení: 2008-01-01, ukončení: 2010-12-31, ukončen
Výzkum informačních technologií z hlediska bezpečnosti, MŠMT, Institucionální prostředky SR ČR (např. VZ, VC), MSM0021630528, zahájení: 2007-01-01, ukončení: 2013-12-31, řešení