  • DocumentCode
    626401
  • Title
    A Query Driven Security Testing Framework for Enterprise Network
  • Author
    Bera, P. ; Ghosh, Soumya K.
  • Author_Institution
    Infosys Labs., Bangalore, India
  • fYear
    2013
  • fDate
    18-22 March 2013
  • Firstpage
    476
  • Lastpage
    483
  • Abstract
    Due to the extensive use of various network services and web-based applications, together with heterogeneous organizational security requirements, enterprise network configuration is becoming very complex, which imposes a high operational workload on both regular and experienced administrators. This complexity extensively reduces overall network assurability and usability, which in turn makes the network vulnerable to various cyber-attacks. Network Access Control Lists (ACLs) are a standard for implementing security configurations in enterprise networks. However, the size and distributed placement of the ACLs in the network impose significant complexity and introduce potential scope for security misconfigurations. In this paper, we present a query-driven security testing framework to assess the correctness and consistency of access control list (ACL) based security implementations in an enterprise network. It will allow network administrators to systematically test the ACL configurations with various interactive service access queries. The framework is built on top of a satisfiability analysis (SAT) engine. The efficacy of the framework is evaluated with extensive experiments on real and synthetic networks.
  • Keywords
    authorisation; computability; computer network security; program testing; ACL; SAT engine; Web based application; cyber-attack; enterprise network configuration; heterogeneous organizational security; interactive service access queries; network access control list; network assurability; network usability; query driven security testing; satisfiability analysis; security configuration; Analytical models; Boolean functions; IP networks; Network topology; Security; Testing; Topology; Access Control Lists Satisfiability Analysis; Network Security; Security Testing;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Software Testing, Verification and Validation Workshops (ICSTW), 2013 IEEE Sixth International Conference on
  • Conference_Location
    Luxembourg
  • Print_ISBN
    978-1-4799-1324-4
  • Type
    conf
  • DOI
    10.1109/ICSTW.2013.62
  • Filename
    6571673