The number of security attacks on the telecommunication net- works is constantly increasing. To prevent them, the telecom sector is looking for new automated techniques facilitating a discovery of potential network vul- nerabilities and rectification of them. In this paper, we propose an approach for identifying potential attack scenarios and defining recommendations for preventing them. The approach is formalised in the Event-B framework. It allows us to not only formalise the analysed part of the network architecture and verify consistency of the control and data flow of the associated services but also employ model checking to generate and analyse attack scenarios. By applying the proposed approach, the designers can systematically explore net- work vulnerabilities and propose recommendations for attack prevention.
Linas Laibinis (Åbo Akademi University), Elena Troubitsyna (Åbo Akademi University), Inna Pereverzeva (Åbo Akademu University), Ian Oliver (Nokia Corporation), and Silke Holtmanns (Nokia Corporation): A Formal Approach to Identifying Security Vulnerabilities in Telecommunication Networks
Presented at the 18th International Conference on Formal Engineering Methods