Publication detail

A Formal Model for Network-wide Security Analysis

MATOUŠEK, P. RYŠAVÝ, O. RÁB, J. ŠVÉDA, M.

Original Title

A Formal Model for Network-wide Security Analysis

Type

article in a collection out of WoS and Scopus

Language

English

Original Abstract

Network designers perform challenging tasks with so many configuration options that it is often hard or even impossible for a human to predict all potentially dangerous situations. In this paper, we introduce a formal method approach for verification of security constraints on networks with dynamic routing protocols in use. A unifying model based on packet-filters is employed for modelling of network behaviour. Over this graph model augmented with filtering rules over edges verification of  reachability properties can be made. In our approach we also consider topology changes caused by dynamic routing protocols.

Keywords

network, security, modelling, filtering rules, reachability analysis

Authors

MATOUŠEK, P.; RYŠAVÝ, O.; RÁB, J.; ŠVÉDA, M.

RIV year

2008

Released

17. 3. 2008

Publisher

University of Ulster

Location

Belfast

ISBN

0-7695-3141-5

Book

Proceeding of the 15 IEEE International Symposium and Workshop on the Engineering of Computer-based Systems

Pages from

171

Pages to

181

Pages count

11

URL

https://www.fit.vut.cz/research/publication/8554/

BibTex

@inproceedings{BUT27706,
  author="Petr {Matoušek} and Ondřej {Ryšavý} and Jaroslav {Ráb} and Miroslav {Švéda}",
  title="A Formal Model for Network-wide Security Analysis",
  booktitle="Proceeding of the 15 IEEE International Symposium and Workshop on the Engineering of Computer-based Systems",
  year="2008",
  pages="171--181",
  publisher="University of Ulster",
  address="Belfast",
  isbn="0-7695-3141-5",
  url="https://www.fit.vut.cz/research/publication/8554/"
}