Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ICICS
2005
Springer
2005
Springer
Network Vulnerability Analysis Through Vulnerability Take-Grant Model (VTG)
Modeling and analysis of information system vulnerabilities helps us to predict possible attacks to networks using the network configuration and vulnerabilities information. As a fact, exploiting most of vulnerabilities result in access rights alteration. In this paper, we propose a new vulnerability analysis method based on the Take-Grant protection model. We extend the initial TakeGrant model to address the notion of vulnerabilities and introduce the vulnerabilities rewriting rules to specify how the protection state of the system can be changed by exploiting vulnerabilities. Our analysis is based on a bounded polynomial algorithm, which generates the closure of the Take-Grant graph regarding vulnerabilities. The closure helps to verify whether any subject can obtain an access right over an object. The application of our results have been examined in a case study which reveals how an attacker can gain an unauthorized access right by exploiting chain of vulnerabilities.
Real-time TrafficRelated Content
| Added | 29 Jun 2010 |
| Updated | 29 Jun 2010 |
| Type | Conference |
| Year | 2005 |
| Where | ICICS |
| Authors | Hamid Reza Shahriari, Reza Sadoddin, Rasool Jalili, Reza Zakeri, Ali Reza Omidian |
Comments (0)
Researcher Info
|
