Abstract
The detection and defense of malicious attacks are critical to the proper functioning of network security. Due to the diversity and rapid updates of the attack methods used by attackers, traditional defense mechanisms have been challenged. In this context, a more effective method to predict vulnerabilities in network systems is considered an urgent need to protect network security. In this paper, we propose a formal modeling and analysis approach based on Petri net vulnerability exploitation. We used the Common Vulnerabilities and Exposures (CVE)-2021-3711 vulnerability source code to build a model. A patch model was built to address the problems of this model. Finally, the time injected by the actual attacker and the time simulated by the software were calculated separately. The results showed that the simulation time was shorter than the actual attack time, and ultra-real-time simulation could be achieved. By modeling the network system with this method, the model can be found to arrive at an illegitimate state according to the structure of Petri nets themselves and thus discover unknown vulnerabilities. This method provides a reference method for exploring unknown vulnerabilities.
Highlights
With the development of society, the Internet plays an increasingly significant role in our daily lives
System vulnerability detection: The accessibility of nodes in the Petri net model was used to provide theoretical support for detecting unknown vulnerabilities and generating vulnerability code; Experimental evaluation: In this paper, the time of the actual attack and the time when the model first reaches the insecure state were counted in 10 groups, respectively
The buffer overflow vulnerability ID used in the experiment was Common Vulnerabilities and Exposures (CVE)-2021-3711
Summary
With the development of society, the Internet plays an increasingly significant role in our daily lives. System vulnerability detection: The accessibility of nodes in the Petri net model was used to provide theoretical support for detecting unknown vulnerabilities and generating vulnerability code; Experimental evaluation: In this paper, the time of the actual attack and the time when the model first reaches the insecure state were counted in 10 groups, respectively.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
