Technical Upgrades to and Enhancements of a System Vulnerability Analysis Tool Based on the Blackboard Architecture

arXiv - CS - Cryptography and Security Pub Date : 2024-09-17 DOI:arxiv-2409.10892

Matthew Tassava, Cameron Kolodjski, Jeremy Straub

{"title":"Technical Upgrades to and Enhancements of a System Vulnerability Analysis Tool Based on the Blackboard Architecture","authors":"Matthew Tassava, Cameron Kolodjski, Jeremy Straub","doi":"arxiv-2409.10892","DOIUrl":null,"url":null,"abstract":"A system vulnerability analysis technique (SVAT) for the analysis of complex\nmission critical systems (CMCS) that cannot be taken offline or subjected to\nthe risks posed by traditional penetration testing was previously developed.\nThis system uses path-based analysis of vulnerabilities to identify potential\nthreats to system security. Generalization logic building on the Blackboard\nArchitecture's rule-fact paradigm was implemented in this system, the software\nfor operation and network attack results review (SONARR). This paper presents\nan overview of additional functionality that has been added to this tool and\nthe experimentation that was conducted to analyze their efficacy and the\nperformance benefits of the new in-memory processing capabilities of the SONARR\nalgorithm. The results of the performance tests and their relation to networks'\narchitecture are discussed. The paper concludes with a discussion of avenues of\nfuture work, including the implementation of multithreading, additional\nanalysis metrics like confidentiality, integrity, and availability, and\nimproved heuristic development.","PeriodicalId":501332,"journal":{"name":"arXiv - CS - Cryptography and Security","volume":"16 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Cryptography and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.10892","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

A system vulnerability analysis technique (SVAT) for the analysis of complex mission critical systems (CMCS) that cannot be taken offline or subjected to the risks posed by traditional penetration testing was previously developed. This system uses path-based analysis of vulnerabilities to identify potential threats to system security. Generalization logic building on the Blackboard Architecture's rule-fact paradigm was implemented in this system, the software for operation and network attack results review (SONARR). This paper presents an overview of additional functionality that has been added to this tool and the experimentation that was conducted to analyze their efficacy and the performance benefits of the new in-memory processing capabilities of the SONARR algorithm. The results of the performance tests and their relation to networks' architecture are discussed. The paper concludes with a discussion of avenues of future work, including the implementation of multithreading, additional analysis metrics like confidentiality, integrity, and availability, and improved heuristic development.

查看原文本刊更多论文

对基于黑板架构的系统漏洞分析工具进行技术升级和改进

该系统利用基于路径的漏洞分析来识别对系统安全的潜在威胁。该系统采用基于路径的漏洞分析方法来识别对系统安全的潜在威胁，并在黑板架构的规则-事实范式基础上实现了通用逻辑，即操作和网络攻击结果审查软件（SONARR）。本文概述了该工具新增的功能，以及为分析其功效和 SONARR 算法新内存处理能力的性能优势而进行的实验。本文讨论了性能测试结果及其与网络架构的关系。论文最后讨论了未来的工作方向，包括多线程的实现，额外的分析指标（如保密性、完整性和可用性），以及改进的启发式开发。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

arXiv - CS - Cryptography and Security

自引率

0.00%

发文量