Title :
Security analysis of TCP/IP networks: An approach to automatic analysis of network security properties
Author :
Sveda, Miroslav ; Rysavy, Ondrej ; Matousek, Petr ; Rab, Jaroslav ; Cejka, Rudolf
Author_Institution :
Faculty of Information Technology, Brno University of Technology, Bozetechova 2, Brno, Czech Republic
Abstract :
This paper deals with an approach to security analysis of TCP/IP-based computer networks. The method developed stems from a formal model of network topology with changing link states, and deploys bounded model checking of network security properties supported by SAT-based decision procedure. Its implementation consists of a set of tools that provide automatic analysis of router configurations, network topologies, and states with respect to checked properties. While the paper aims at supporting a real practice, its form strives to be exact enough to explain the principles of the method in more detail.
Keywords :
Analytical models; Computational modeling; Filtering; Fires; Network topology; Routing; Security; Bounded Model Checking; Dynamic Routing; Intranet Topology; SAT; Security; State-based Reachability;
Conference_Titel :
Data Communication Networking (DCNET), Proceedings of the 2010 International Conference on
Conference_Location :
Athens
