Mutating Network Models to Generate Network Security Test Cases

  • Chapter
Mutation Testing for the New Century

Part of the book series: The Springer International Series on Advances in Database Systems ((ADBS,volume 24))

Abstract

Security testing is normally limited to the scanning of individual hosts with the goal of locating vulnerabilities that can be exploited to gain some improper level of access on the target network. Scanning is a successful approach for discovering security problems, but it suffers from two major problems. First, it ignores security issues that can arise due to interactions of systems on a network. Second, it does not provide any concept of test coverage other than the obvious criteria of attempting all known exploitation techniques on every system on the network.

In this paper, I present a new method for generating security test cases for a network. This method extends my previous work in model checking network security by defining mutant operators to apply to my previously defined network security model. The resulting mutant models are fed into a model checker to produce counterexamples. These counterexamples represent attack scenarios (test cases) that can be run against the network. I also define a new coverage criterion for network security that requires a much smaller set of exploits to be run against the network to verify the network’s security.

© 2001 Springer Science+Business Media New York

About this chapter

Cite this chapter

Ritchey, R.W. (2001). Mutating Network Models to Generate Network Security Test Cases. In: Wong, W.E. (eds) Mutation Testing for the New Century. The Springer International Series on Advances in Database Systems, vol 24. Springer, Boston, MA. https://doi.org/10.1007/978-1-4757-5939-6_13

  • DOI: https://doi.org/10.1007/978-1-4757-5939-6_13

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-1-4419-4888-5

  • Online ISBN: 978-1-4757-5939-6

  • eBook Packages: Springer Book Archive
