Enhancing Security Testing Software for Systems that Cannot be Subjected to the Risks of Penetration Testing Through the Incorporation of Multi-threading and and Other Capabilities
Matthew Tassava, Cameron Kolodjski, Jordan Milbrath, Jeremy Straub
{"title":"Enhancing Security Testing Software for Systems that Cannot be Subjected to the Risks of Penetration Testing Through the Incorporation of Multi-threading and and Other Capabilities","authors":"Matthew Tassava, Cameron Kolodjski, Jordan Milbrath, Jeremy Straub","doi":"arxiv-2409.10893","DOIUrl":null,"url":null,"abstract":"The development of a system vulnerability analysis tool (SVAT) for complex\nmission critical systems (CMCS) produced the software for operation and network\nattack results review (SONARR). This software builds upon the Blackboard\nArchitecture and uses its a rule-fact logic to assess model networks to\nidentify potential pathways that an attacker might take through them via the\nexploitation of vulnerabilities within the network. The SONARR objects and\nalgorithm were developed previously; however, performance was insufficient for\nanalyzing large networks. This paper describes and analyzes the performance of\na multi-threaded SONARR algorithm and other enhancements which were developed\nto increase SONARR's performance and facilitate the analysis of large networks.","PeriodicalId":501332,"journal":{"name":"arXiv - CS - Cryptography and Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2024-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Cryptography and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.10893","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
The development of a system vulnerability analysis tool (SVAT) for complex
mission critical systems (CMCS) produced the software for operation and network
attack results review (SONARR). This software builds upon the Blackboard
Architecture and uses its a rule-fact logic to assess model networks to
identify potential pathways that an attacker might take through them via the
exploitation of vulnerabilities within the network. The SONARR objects and
algorithm were developed previously; however, performance was insufficient for
analyzing large networks. This paper describes and analyzes the performance of
a multi-threaded SONARR algorithm and other enhancements which were developed
to increase SONARR's performance and facilitate the analysis of large networks.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
