A logical framework for evaluating network resilience against faults and attacks

Authors:
Elie Bursztein;Jean Goubault-Larrecq
Affiliations:
LSV, ENS Cachan, CNRS, INRIA;LSV, ENS Cachan, CNRS, INRIA
Venue:
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Year:
2007

Citing 10
Cited 3

On the synthesis of a reactive module

POPL '89 Proceedings of the 16th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Secrets & Lies: Digital Security in a Networked World

Secrets & Lies: Digital Security in a Networked World
Alternating-time temporal logic

Journal of the ACM (JACM)
Throttling Viruses: Restricting propagation to defeat malicious mobile code

ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Two Formal Analys s of Attack Graphs

CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Using Model Checking to Analyze Network Vulnerabilities

SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
The Ecology of the Grid

ICAC '05 Proceedings of the Second International Conference on Automatic Computing
Topological analysis of network attack vulnerability

ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
The effect of identifying vulnerabilities and patching software on the utility of network intrusion detection

RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Timed alternating-time temporal logic

FORMATS'06 Proceedings of the 4th international conference on Formal Modeling and Analysis of Timed Systems

NetQi: A Model Checker for Anticipation Game

ATVA '08 Proceedings of the 6th International Symposium on Automated Technology for Verification and Analysis
Extending Anticipation Games with Location, Penalty and Timeline

Formal Aspects in Security and Trust
Using strategy objectives for network security analysis

Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present a logic-based framework to evaluate the resilience of computer networks in the face of incidents, i.e., attacks from malicious intruders as well as random faults. Our model uses a two-layered presentation of dependencies between files and services, and of timed games to represent not just incidents, but also the dynamic responses from administrators and their respective delays. We demonstrate that a variant TATL◊ of timed alternating-time temporal logic is a convenient language to express several desirable properties of networks, including several forms of survivability. We illustrate this on a simple redundant Web service architecture, and show that checking such timed games against the so-called TATL◊ variant of the timed alternating time temporal logic TATL is EXPTIME-complete.