Skip to Main content Skip to Navigation
New interface
Reports (Research report)

A SAT-based Autonomous Strategy for Security Vulnerability Management

Martín Barrère 1, * Rémi Badonnel 1 Olivier Festor 1 
* Corresponding author
1 MADYNES - Management of dynamic networks and services
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
Abstract : Computer and network systems are continuously exposed to security threats, making their management even more complex. In that context, the management of known vulnerabilities plays a crucial role for ensuring their safe configurations and preventing security attacks. However, it should not generate new vulnerable states when operations are performed. In this paper we present a novel approach for autonomously assessing and remediating vulnerabilities. We describe a detailed mathematical model that supports this activity and we formalize the remediation decision process as a SAT problem. We present a framework able to assess OVAL vulnerability descriptions and perform corrective actions by using XCCDF-based descriptions of future machine states and the NETCONF protocol. We also provide details of our implementation and evaluate its feasibility through a comprehensive set of experiments.
Document type :
Reports (Research report)
Complete list of metadata
Contributor : Martín Barrère Connect in order to contact the contributor
Submitted on : Monday, October 21, 2013 - 2:52:33 PM
Last modification on : Thursday, October 27, 2022 - 4:02:33 AM


  • HAL Id : hal-00875240, version 1


Martín Barrère, Rémi Badonnel, Olivier Festor. A SAT-based Autonomous Strategy for Security Vulnerability Management. [Research Report] 2013, pp.8. ⟨hal-00875240⟩



Record views