Enhancing Security Testing Software for Systems that Cannot be Subjected to the Risks of Penetration Testing Through the Incorporation of Multi-threading and and Other Capabilities

TL;DR

This paper improves a security testing tool for critical systems by integrating multi-threading and other enhancements, enabling efficient analysis of large networks without risking system exposure.

Contribution

It introduces a multi-threaded algorithm and additional enhancements to enhance SONARR's performance for large-scale network analysis.

Findings

Multi-threading significantly improves analysis speed.

Enhanced SONARR can handle larger, complex networks.

Performance gains enable safer security testing.

Abstract

The development of a system vulnerability analysis tool (SVAT) for complex mission critical systems (CMCS) produced the software for operation and network attack results review (SONARR). This software builds upon the Blackboard Architecture and uses its a rule-fact logic to assess model networks to identify potential pathways that an attacker might take through them via the exploitation of vulnerabilities within the network. The SONARR objects and algorithm were developed previously; however, performance was insufficient for analyzing large networks. This paper describes and analyzes the performance of a multi-threaded SONARR algorithm and other enhancements which were developed to increase SONARR's performance and facilitate the analysis of large networks.