Abstract

The detection and defense of malicious attacks are critical to the proper functioning of network security. Due to the diversity and rapid updates of the attack methods used by attackers, traditional defense mechanisms have been challenged. In this context, a more effective method to predict vulnerabilities in network systems is considered an urgent need to protect network security. In this paper, we propose a formal modeling and analysis approach based on Petri net vulnerability exploitation. We used the Common Vulnerabilities and Exposures (CVE)-2021-3711 vulnerability source code to build a model. A patch model was built to address the problems of this model. Finally, the time injected by the actual attacker and the time simulated by the software were calculated separately. The results showed that the simulation time was shorter than the actual attack time, and ultra-real-time simulation could be achieved. By modeling the network system with this method, the model can be found to arrive at an illegitimate state according to the structure of Petri nets themselves and thus discover unknown vulnerabilities. This method provides a reference method for exploring unknown vulnerabilities.

Highlights

  • With the development of society, the Internet plays an increasingly significant role in our daily lives

  • System vulnerability detection: The accessibility of nodes in the Petri net model was used to provide theoretical support for detecting unknown vulnerabilities and generating vulnerability code; Experimental evaluation: In this paper, the time of the actual attack and the time when the model first reaches the insecure state were counted in 10 groups, respectively

  • The buffer overflow vulnerability ID used in the experiment was Common Vulnerabilities and Exposures (CVE)-2021-3711

Read more

Summary

Introduction

With the development of society, the Internet plays an increasingly significant role in our daily lives. System vulnerability detection: The accessibility of nodes in the Petri net model was used to provide theoretical support for detecting unknown vulnerabilities and generating vulnerability code; Experimental evaluation: In this paper, the time of the actual attack and the time when the model first reaches the insecure state were counted in 10 groups, respectively.

Related Work
Petri Net Model of a Vulnerability with CVE-2021-3711
Models Analysis
Aby bug in the implementation of the SM2 decryption recoveryIn bythis
Experiment Analysis
Illustrative Example
FFAD21A6021F18AFAB2B35459D2643243B242BE4EA80C6FA5071D2D847340CC5
Conclusions
Findings
Conclusions and Future Work
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call