Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Simulated Network Vulnerability Screening

IP.com Disclosure Number: IPCOM000132573D
Original Publication Date: 2005-Dec-22
Included in the Prior Art Database: 2005-Dec-22
Document File: 1 page(s) / 51K

Publishing Venue

IBM

Abstract

Disclosed is a method for simulated network vulnerability screening based upon an object-oriented model of an IT system.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 61% of the total text.

Page 1 of 1

Simulated Network Vulnerability Screening

    Disclosed is a method for simulated network vulnerability screening based upon an object-oriented model of an IT system.

    The complexity of modern IT systems for the purposes of network vulnerability testing must be measured in terms of number of states the IT system can be in, since some vulnerabilities will only present themselves in a very small subset of all the system states. One example of such a stealth vulnerability is an attack of FTP bounce family of attacks, when a stateful firewall behavior is exploited where the firewall would allow an incoming TCP connection to a protected host's port which was the argument of a recent FTP PORT command in passive mode. Hence, under the traditional network vulnerability scanning approach, steps must be taken to make sure that virtually all possible IT system states are realized during the vulnerability scanning session. Most often, there is simply no reliable means to achieve that goal, and even if there was a process of forcing an IT system to consecutively appear in all the possible states, the time needed for such testing would grow exponentially with the number of system components. Thus, the vulnerabilities which appear in a limited subset of all possible IT system states are very likely to become virtually undetectable by the traditional network vulnerability scanning tools.

    Under the proposed approach of simulated network vulnerability screening, an object-oriented mode...