C.R. Ramakrishnan R. Sekar Department ...  Home/Search
Context Related
| sunysb.edu/~cram/papers/1...paper.ps.gz sunysb.edu/sekar/papers...vmcai98.ps.gz Cached: PS.gz PS PDF This document uses CoBlitz to cache paper downloads. If your firewall is blocking outgoing connections to port 3125, you can use these links to download local copies.
Image Update HelpPS.gz PS PDF From: sunysb.edu/~cram/papers/index (more) (Enter author homepages) |
Rate this article:      (best)Comment on this article |
Abstract: Vulnerability analysis is concerned with the problem of identifying weaknesses in computer systems that can be exploited to compromise their security. Most vulnerabilities arise from unexpected interactions between different system components such as server processes, filesystem permissions and content, and other operating system services. Existing vulnerability techniques (such as those used in COPS and SATAN) are based on enumerating the known causes of vulnerabilities in the system and... (Update)
Context of citations to this paper: More
.... test heterogeneous networks [25] Ramakrishnan and Sekar used a model checker to carry out a related analysis in single host systems [24]. Traditional program mutation analysis [10] is a code based method for developing a test set that is sensitive to small syntactic changes...
...running the model checker. This paper builds on some preliminary results on model based vulnerability analysis we had reported earlier in [17]. Since then, Ritchey and Ammann [20] have suggested a promising approach for automating network vulnerability analysis. Their approach...
Cited by: More
Model-Based Analysis of Configuration Vulnerabilities - Ramakrishnan And Sekar (Correct)
Using a Model Checker to Test Safety Properties - Ammann, Ding, Xu (2001) (Correct)
A Specification-Based Coverage Metric To Evaluate Test Sets - Ammann, al. (1999) (Correct)
Active bibliography (related documents): More All
0.3: On Preventing Intrusions by Process Behavior Monitoring - Sekar, Bowen, Segal (1999) (Correct)
0.2: A Specification-Based Approach for Building Survivable Systems - Segal (1998) (Correct)
0.2: A Taxonomy of Causes of Software Vulnerabilities - In Internet Software (Correct)
Similar documents based on text: More All
0.7: Formally Testing Fail-Safety of Electronic Purse Protocols - Jürgens, Wimmel (2001) (Correct)
0.5: . Threats (Attacks) Vulnerabilities and attacks - Before Studying Possible (Correct)
0.4: The Vulnerability Process: A Tiger Team Approach to.. - Laakso, Takanen, Röning (1999) (Correct)
Related documents from co-citation: More All
3: Using Model Checking to Analyze Network Vulnerabilities (context) - Ritchey, Ammann - 2000
2: Automated Consistency Checking of Requirements Specifications - Heitmeyer, Jeffords et al. - 1996
2: Using model checking to generate tests from specications - Ammann, Black et al. - 1998
BibTeX entry: (Update)
C. R. Ramakrishnan and R. Sekar, \Model-based vulnerability analysis of computer systems", in 2nd Int. Workshop on Verication, Model Checking and Abstract Interpretation, September 1998. http://citeseer.ist.psu.edu/article/ramakrishnan98modelbased.html More
@inproceedings{ramakrishnan1998model-based
author = "C.R. Ramakrishnan and R. Sekar",
title = "Model-Based Vulnerability Analysis of Computer Systems",
booktitle = "Second International Workshop on Verification, Model Checking,
and Abstract Interpretation (VMCAI'98; Pisa, Italy)",
month = sep,
year = 1998,
url = "citeseer.ist.psu.edu/article/ramakrishnan98modelbased.html" }
Citations (may not include all citations):1933 Communication and Concurrency (context) - Milner - 1989
1180 The Temporal Logic of Reactive and Concurrent Systems: Speci.. (context) - Manna, Pnueli - 1991
1097 Automatic verification of finite-state concurrent systems us.. (context) - Clarke, Emerson et al. - 1986
397 Design and synthesis of synchronization skeletons using bran.. (context) - Clarke, Emerson - 1981
221 Specification and verification of concurrent systems in Cesa.. (context) - Queille, Sifakis - 1982
142 Tabled evaluation with delaying for general logic programs - Chen, Warren - 1996
133 IEEE Transactions on Software Engineering (context) - Denning, Detection - 1987
73 Available from http://www (context) - logic, system - 1998
63 Next-generation Intrusion Detection Expert System - Anderson, Lunt et al. - 1995
59 Execution Monitoring of Security-Critical Programs in a Dist.. (context) - Ko - 1996
56 A survey of Intrusion Detection Techniques (context) - Lunt - 1993
52 Automated detection of vulnerabilities in privileged program.. - Ko, Fink et al. - 1994
46 The COPS Security Checker System - Farmer, Spafford - 1991
42 OLDT resolution with tabulation (context) - Tamaki, Sato - 1986
42 Efficient model-checking using tabled resolution - Ramakrishna, Ramakrishnan et al. - 1997
10 Checking for Race Conditions in File Access (context) - Bishop, Dilger - 1996
8 A critical analysis of vulnerability taxonomies - Bishop, Bailey - 1996
7 NetKuang--A Multi-Host Configuration Vulnerability Checker - Zerkle, Levitt - 1996
5 A Taxonomy of Security Faults (context) - Aslam, Krsul et al. - 1996
3 Rule based analysis of security checking (context) - Baldwin - 1988
1 we may not be in a position to rectify a problem either beca.. (context) - Advisories, www et al.
Documents on the same site (http://www.cs.sunysb.edu/~cram/papers/index.html): More
Fully Local and Efficient Evaluation of Alternating Fixed.. - Liu, Ramakrishnan, Smolka (1998) (Correct)
A Space Efficient Engine for Subsumption-Based.. - Johnson.. (Correct)
Tabulation-based Induction Proofs with Application .. - Roychoudhury.. (1998) (Correct)
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC