网络与信息安全学报 (Oct 2022)

Qualitative modeling and analysis of attack surface for process multi-variant execution software system

  • Fukang XING, Zheng ZHANG, Ran SUI, Sheng QU, Xinsheng JI

DOI
https://doi.org/10.11959/j.issn.2096-109x.2022059
Journal volume & issue
Vol. 8, no. 5
pp. 121 – 128

Abstract

Read online

Attack surface is an important index to measure security of software system.The general attack surface model is based on the I/O automata model to model the software system, which generally uses a non-redundant architecture and it is difficult to apply to heterogeneous redundant system architectures such as multi variant systems.Manadhatad et al.proposed a method to measure the attack surface in a dissimilar redundancy system.However, the voting granularity and voting method of the system architecture adopted by Manadhatad are different from those of the multi-variant system, which cannot accurately measure the attack surface of the multi variant system.Therefore, based on the traditional attack surface model, combined with the characteristics of heterogeneous redundant architecture of multi variant systems, the traditional attack surface model was extended and the attack surface model of multivariant systems was constructed.The attack surface of the multi variant system was represented in a formal way, and the traditional attack surface model was improved according to the voting mechanism of the multi variant system at the exit point of the system, so that it can explain the phenomenon that the attack surface of the multi variant system shrinks.Through this modeling method, the change of the attack surface of the multi variant system adopting the multi variant architecture can be explained in the running process.Then, two groups of software systems with multi variant execution architecture were used as analyzing examples.The attack surface of the software systems with the same functions as those without multi variant architecture were compared and analyzed in two situations of being attacked and not being attacked, reflecting the changes of the multi variant system in the attack surface.Combining the attack surface theory and the characteristics of the multi variant execution system, an attack surface modeling method for the multi variant execution system was proposed.At present, the changes of the attack surface of the multi variant execution system can be qualitatively analyzed.In-depth research in the quantitative analysis of the attack surface of the multi variant execution system will be continually conducted.

Keywords