{"title":"对基于黑板架构的系统漏洞分析工具进行技术升级和改进","authors":"Matthew Tassava, Cameron Kolodjski, Jeremy Straub","doi":"arxiv-2409.10892","DOIUrl":null,"url":null,"abstract":"A system vulnerability analysis technique (SVAT) for the analysis of complex\nmission critical systems (CMCS) that cannot be taken offline or subjected to\nthe risks posed by traditional penetration testing was previously developed.\nThis system uses path-based analysis of vulnerabilities to identify potential\nthreats to system security. Generalization logic building on the Blackboard\nArchitecture's rule-fact paradigm was implemented in this system, the software\nfor operation and network attack results review (SONARR). This paper presents\nan overview of additional functionality that has been added to this tool and\nthe experimentation that was conducted to analyze their efficacy and the\nperformance benefits of the new in-memory processing capabilities of the SONARR\nalgorithm. The results of the performance tests and their relation to networks'\narchitecture are discussed. The paper concludes with a discussion of avenues of\nfuture work, including the implementation of multithreading, additional\nanalysis metrics like confidentiality, integrity, and availability, and\nimproved heuristic development.","PeriodicalId":501332,"journal":{"name":"arXiv - CS - Cryptography and Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2024-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Technical Upgrades to and Enhancements of a System Vulnerability Analysis Tool Based on the Blackboard Architecture\",\"authors\":\"Matthew Tassava, Cameron Kolodjski, Jeremy Straub\",\"doi\":\"arxiv-2409.10892\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"A system vulnerability analysis technique (SVAT) for the analysis of complex\\nmission critical systems (CMCS) that cannot be taken offline or subjected to\\nthe risks posed by traditional penetration testing was previously developed.\\nThis system uses path-based analysis of vulnerabilities to identify potential\\nthreats to system security. Generalization logic building on the Blackboard\\nArchitecture's rule-fact paradigm was implemented in this system, the software\\nfor operation and network attack results review (SONARR). This paper presents\\nan overview of additional functionality that has been added to this tool and\\nthe experimentation that was conducted to analyze their efficacy and the\\nperformance benefits of the new in-memory processing capabilities of the SONARR\\nalgorithm. The results of the performance tests and their relation to networks'\\narchitecture are discussed. The paper concludes with a discussion of avenues of\\nfuture work, including the implementation of multithreading, additional\\nanalysis metrics like confidentiality, integrity, and availability, and\\nimproved heuristic development.\",\"PeriodicalId\":501332,\"journal\":{\"name\":\"arXiv - CS - Cryptography and Security\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-09-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"arXiv - CS - Cryptography and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/arxiv-2409.10892\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Cryptography and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.10892","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Technical Upgrades to and Enhancements of a System Vulnerability Analysis Tool Based on the Blackboard Architecture
A system vulnerability analysis technique (SVAT) for the analysis of complex
mission critical systems (CMCS) that cannot be taken offline or subjected to
the risks posed by traditional penetration testing was previously developed.
This system uses path-based analysis of vulnerabilities to identify potential
threats to system security. Generalization logic building on the Blackboard
Architecture's rule-fact paradigm was implemented in this system, the software
for operation and network attack results review (SONARR). This paper presents
an overview of additional functionality that has been added to this tool and
the experimentation that was conducted to analyze their efficacy and the
performance benefits of the new in-memory processing capabilities of the SONARR
algorithm. The results of the performance tests and their relation to networks'
architecture are discussed. The paper concludes with a discussion of avenues of
future work, including the implementation of multithreading, additional
analysis metrics like confidentiality, integrity, and availability, and
improved heuristic development.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
