Qualitative modeling and analysis of attack surface for process multi-variant execution software system
Attack surface is an important index to measure security of software system.The general attack surface model is based on the I/O automata model to model the software system, which generally uses a non-redundant architecture and it is difficult to apply to heterogeneous redundant system architectures...
| Main Author: | |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2022-10-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | https://www.infocomm-journal.com/cjnis/CN/10.11959/j.issn.2096-109x.2022059 |
| _version_ | 1797262796969213952 |
|---|---|
| author | Fukang XING, Zheng ZHANG, Ran SUI, Sheng QU, Xinsheng JI |
| author_facet | Fukang XING, Zheng ZHANG, Ran SUI, Sheng QU, Xinsheng JI |
| author_sort | Fukang XING, Zheng ZHANG, Ran SUI, Sheng QU, Xinsheng JI |
| collection | DOAJ |
| description | Attack surface is an important index to measure security of software system.The general attack surface model is based on the I/O automata model to model the software system, which generally uses a non-redundant architecture and it is difficult to apply to heterogeneous redundant system architectures such as multi variant systems.Manadhatad et al.proposed a method to measure the attack surface in a dissimilar redundancy system.However, the voting granularity and voting method of the system architecture adopted by Manadhatad are different from those of the multi-variant system, which cannot accurately measure the attack surface of the multi variant system.Therefore, based on the traditional attack surface model, combined with the characteristics of heterogeneous redundant architecture of multi variant systems, the traditional attack surface model was extended and the attack surface model of multivariant systems was constructed.The attack surface of the multi variant system was represented in a formal way, and the traditional attack surface model was improved according to the voting mechanism of the multi variant system at the exit point of the system, so that it can explain the phenomenon that the attack surface of the multi variant system shrinks.Through this modeling method, the change of the attack surface of the multi variant system adopting the multi variant architecture can be explained in the running process.Then, two groups of software systems with multi variant execution architecture were used as analyzing examples.The attack surface of the software systems with the same functions as those without multi variant architecture were compared and analyzed in two situations of being attacked and not being attacked, reflecting the changes of the multi variant system in the attack surface.Combining the attack surface theory and the characteristics of the multi variant execution system, an attack surface modeling method for the multi variant execution system was proposed.At present, the changes of the attack surface of the multi variant execution system can be qualitatively analyzed.In-depth research in the quantitative analysis of the attack surface of the multi variant execution system will be continually conducted. |
| first_indexed | 2024-04-25T00:02:49Z |
| format | Article |
| id | doaj.art-8473087c002949b1a672fa132d4d38fa |
| institution | Directory Open Access Journal |
| issn | 2096-109X |
| language | English |
| last_indexed | 2024-04-25T00:02:49Z |
| publishDate | 2022-10-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| spelling | doaj.art-8473087c002949b1a672fa132d4d38fa2024-03-14T06:47:19ZengPOSTS&TELECOM PRESS Co., LTD网络与信息安全学报2096-109X2022-10-018512112810.11959/j.issn.2096-109x.2022059Qualitative modeling and analysis of attack surface for process multi-variant execution software systemFukang XING, Zheng ZHANG, Ran SUI, Sheng QU, Xinsheng JI Attack surface is an important index to measure security of software system.The general attack surface model is based on the I/O automata model to model the software system, which generally uses a non-redundant architecture and it is difficult to apply to heterogeneous redundant system architectures such as multi variant systems.Manadhatad et al.proposed a method to measure the attack surface in a dissimilar redundancy system.However, the voting granularity and voting method of the system architecture adopted by Manadhatad are different from those of the multi-variant system, which cannot accurately measure the attack surface of the multi variant system.Therefore, based on the traditional attack surface model, combined with the characteristics of heterogeneous redundant architecture of multi variant systems, the traditional attack surface model was extended and the attack surface model of multivariant systems was constructed.The attack surface of the multi variant system was represented in a formal way, and the traditional attack surface model was improved according to the voting mechanism of the multi variant system at the exit point of the system, so that it can explain the phenomenon that the attack surface of the multi variant system shrinks.Through this modeling method, the change of the attack surface of the multi variant system adopting the multi variant architecture can be explained in the running process.Then, two groups of software systems with multi variant execution architecture were used as analyzing examples.The attack surface of the software systems with the same functions as those without multi variant architecture were compared and analyzed in two situations of being attacked and not being attacked, reflecting the changes of the multi variant system in the attack surface.Combining the attack surface theory and the characteristics of the multi variant execution system, an attack surface modeling method for the multi variant execution system was proposed.At present, the changes of the attack surface of the multi variant execution system can be qualitatively analyzed.In-depth research in the quantitative analysis of the attack surface of the multi variant execution system will be continually conducted.https://www.infocomm-journal.com/cjnis/CN/10.11959/j.issn.2096-109x.2022059multi-variant executionattack surfaceattack surface metricnetwork security |
| spellingShingle | Fukang XING, Zheng ZHANG, Ran SUI, Sheng QU, Xinsheng JI Qualitative modeling and analysis of attack surface for process multi-variant execution software system 网络与信息安全学报 multi-variant execution attack surface attack surface metric network security |
| title | Qualitative modeling and analysis of attack surface for process multi-variant execution software system |
| title_full | Qualitative modeling and analysis of attack surface for process multi-variant execution software system |
| title_fullStr | Qualitative modeling and analysis of attack surface for process multi-variant execution software system |
| title_full_unstemmed | Qualitative modeling and analysis of attack surface for process multi-variant execution software system |
| title_short | Qualitative modeling and analysis of attack surface for process multi-variant execution software system |
| title_sort | qualitative modeling and analysis of attack surface for process multi variant execution software system |
| topic | multi-variant execution attack surface attack surface metric network security |
| url | https://www.infocomm-journal.com/cjnis/CN/10.11959/j.issn.2096-109x.2022059 |
| work_keys_str_mv | AT fukangxingzhengzhangransuishengquxinshengji qualitativemodelingandanalysisofattacksurfaceforprocessmultivariantexecutionsoftwaresystem |