Authors:
Miroslav Sveda
;
Ondrej Rysavy
;
Petr Matousek
;
Jaroslav Rab
and
Rudolf Cejka
Affiliation:
Brno University of Technology, Czech Republic
Keyword(s):
Intranet Topology, Dynamic Routing, State-based Reachability, Security, Bounded Model Checking, SAT.
Related
Ontology
Subjects/Areas/Topics:
Data Communication Networking
;
Fault Detection and Management
;
Internet Technologies
;
Network Monitoring and Control
;
Routing and Flow Control in Lans, Wans and Pans
;
Sensor Networks
;
Signal Processing
;
Telecommunications
Abstract:
This paper deals with an approach to security analysis of TCP/IP-based computer networks. The method developed stems from a formal model of network topology with changing link states, and deploys bounded model checking of network security properties supported by SAT-based decision procedure. Its implementation consists of a set of tools that provide automatic analysis of router configurations, network topologies, and states with respect to checked properties. While the paper aims at supporting a real practice, its form strives to be exact enough to explain the principles of the method in more detail.