A SAT-based Autonomous Strategy for Security Vulnerability Management - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Rapport (Rapport De Recherche) Année : 2013

A SAT-based Autonomous Strategy for Security Vulnerability Management

Résumé

Computer and network systems are continuously exposed to security threats, making their management even more complex. In that context, the management of known vulnerabilities plays a crucial role for ensuring their safe configurations and preventing security attacks. However, it should not generate new vulnerable states when operations are performed. In this paper we present a novel approach for autonomously assessing and remediating vulnerabilities. We describe a detailed mathematical model that supports this activity and we formalize the remediation decision process as a SAT problem. We present a framework able to assess OVAL vulnerability descriptions and perform corrective actions by using XCCDF-based descriptions of future machine states and the NETCONF protocol. We also provide details of our implementation and evaluate its feasibility through a comprehensive set of experiments.
Fichier non déposé

Dates et versions

hal-00875240 , version 1 (21-10-2013)

Identifiants

  • HAL Id : hal-00875240 , version 1

Citer

Martín Barrère, Rémi Badonnel, Olivier Festor. A SAT-based Autonomous Strategy for Security Vulnerability Management. [Research Report] 2013, pp.8. ⟨hal-00875240⟩
139 Consultations
0 Téléchargements

Partager

Gmail Facebook X LinkedIn More