Network Vulnerability Analysis Through Vulnerability Take-Grant Model (VTG)
نویسندگان
چکیده
Modeling and analysis of information system vulnerabilities helps us to predict possible attacks to networks using the network configuration and vulnerabilities information. As a fact, exploiting most of vulnerabilities result in access rights alteration. In this paper, we propose a new vulnerability analysis method based on the Take-Grant protection model. We extend the initial TakeGrant model to address the notion of vulnerabilities and introduce the vulnerabilities rewriting rules to specify how the protection state of the system can be changed by exploiting vulnerabilities. Our analysis is based on a bounded polynomial algorithm, which generates the closure of the Take-Grant graph regarding vulnerabilities. The closure helps to verify whether any subject can obtain an access right over an object. The application of our results have been examined in a case study which reveals how an attacker can gain an unauthorized access right by exploiting chain of vulnerabilities.
منابع مشابه
Vulnerability Take Grant (VTG): An efficient approach to analyze network vulnerabilities
Modeling and analyzing information system vulnerabilities help predict possible attacks to computer networks using vulnerabilities information and the network configuration. In this paper, we propose a comprehensive approach to analyze network vulnerabilities in order to answer the safety problem focusing on vulnerabilities. The approach which is called Vulnerability Take Grant (VTG) is a graph...
متن کاملA Scalable, Vulnerability Modeling and Correlating Method for Network Security
Nowadays attacks are becoming increasingly frequent and sophisticated, and they are also becoming increasingly interconnected. Recent works in network security have demostrated the fact that combinations of vulnerability exploits are the typical means by which an attacker can break into a network. It is therefore in great need of performing vulnerability analysis to do security analysis first a...
متن کاملUrban Texture Assessment Bbased on the Principles of Passive Defense Using Factor Analytical Network Process (F’ANP) (Casestudy : Noghan Neighborhood Mashhad)
Background and Aims: Urban texture assessment with passive defense approach is one of the most important issues in the field of urban planning. In this research, we try to evaluate the vulnerability of urban tissue to the enemy's threats, because inactive defense by using unarmed measures reduces Vulnerability and increased deterrence at the time of the threat. Noghan Neighborhood located in th...
متن کاملVulnerability Assessment of Information System based on Weighted Directional Graph and Complex Network Technology
Bayesian equilibrium algorithm model of information vulnerability assessment was established, and it had introduced the weighted directional method in the model. Then it established an information system evaluation program for complex network, and designed the procedures of vulnerability assessment. In order to verify the validity and reliability of the model, complex network test platform was ...
متن کاملUnderground transportation system risk assessment to mitigate vulnerability against natural disasters through intelligent urban management
Quantitative and qualitative monitoring and evaluation of risk management programs will play an important role in the development of Tehran metropolitan railway transport. Considering the tectonic studies, seismic zones, land degradation and faults in north and south of Tehran, the development of underground railway lines, the assessment of the vulnerability of subway stations and the escalatio...
متن کامل