Loading...
Network vulnerability analysis through vulnerability take-grant model (VTG)
Shahriari, H. R ; Sharif University of Technology | 2005
93
Viewed
- Type of Document: Article
- DOI: 10.1007/11602897_22
- Publisher: 2005
- Abstract:
- Modeling and analysis of information system vulnerabilities helps us to predict possible attacks to networks using the network configuration and vulnerabilities information. As a fact, exploiting most of vulnerabilities result in access rights alteration. In this paper, we propose a new vulnerability analysis method based on the Take-Grant protection model. We extend the initial Take-Grant model to address the notion of vulnerabilities and introduce the vulnerabilities rewriting rules to specify how the protection state of the system can be changed by exploiting vulnerabilities. Our analysis is based on a bounded polynomial algorithm, which generates the closure of the Take-Grant graph regarding vulnerabilities. The closure helps to verify whether any subject can obtain an access right over an object. The application of our results have been examined in a case study which reveals how an attacker can gain an unauthorized access right by exploiting chain of vulnerabilities. © Springer-Verlag Berlin Heidelberg 2005
- Keywords:
- Algorithms ; Graph theory ; Mathematical models ; Polynomials ; Security of data ; Bounded polynomial algorithm ; Vulnerabilities rewriting rules ; Vulnerability take-grant model (VTG) ; Information analysis
- Source: 7th International Conference on Information and Communications Security, ICICS 2005, Beijing, 10 December 2005 through 13 December 2005 ; Volume 3783 LNCS , 2005 , Pages 256-268 ; 03029743 (ISSN); 3540309349 (ISBN); 9783540309345 (ISBN)
- URL: https://link.springer.com/chapter/10.1007/11602897_22