A SAT-based Autonomous Strategy for Security Vulnerability Management

Martin Barrere 1 Rémi Badonnel 2 Olivier Festor 1
1 MADYNES - Management of dynamic networks and services
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
2 MADYNES - Management of dynamic networks and services
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : Computer and network systems are consistently exposed to security threats, making their management even more complex. The management of known vulnerabilities plays a crucial role for ensuring their safe configurations and preventing security attacks. However, this activity should not generate new vulnerable states. In this paper we present a novel approach for autonomously assessing and remediating vulnerabilities. We describe a detailed mathematical model that supports this activity and we formalize the remediation decision process as a SAT problem. We present a framework that is able to assess OVAL vulnerability descriptions and perform corrective actions by using XCCDF-based descriptions of future machine states and the NETCONF protocol. We also provide details of our implemen- tation and evaluate its feasibility through a comprehensive set of experiments.
Type de document :
Communication dans un congrès
IEEE/IFIP International Symposium on Network Operations and Management (IEEE/IFIP NOMS'14), May 2014, Cracovie, Poland. 2014
Liste complète des métadonnées

https://hal.inria.fr/hal-01093121
Contributeur : Rémi Badonnel <>
Soumis le : mercredi 10 décembre 2014 - 11:10:52
Dernière modification le : jeudi 11 janvier 2018 - 06:25:23

Identifiants

  • HAL Id : hal-01093121, version 1

Collections

Citation

Martin Barrere, Rémi Badonnel, Olivier Festor. A SAT-based Autonomous Strategy for Security Vulnerability Management. IEEE/IFIP International Symposium on Network Operations and Management (IEEE/IFIP NOMS'14), May 2014, Cracovie, Poland. 2014. 〈hal-01093121〉

Partager

Métriques

Consultations de la notice

319