Performing vulnerability assessment for a complex system is
an important task. However, given the high complexity, manual analysis is
usually tedious and error-prone. Therefore, automated methods are usually
In this project, we will leverage Prolog to perform
automated vulnerability assessment. We consider a network that is composed of 7
hosts, which are denoted as H1, H2, H3, H4, H5, H6, and H7. You will get two
reports from two teams respectively.
The networking team offers you a report on the network
topology, where each pair of hosts below indicates the possibility to establish
network connections between them. The “-”
in the pair means that this host is accessible from public networks through
The security team scans hosts in the network and finds two
types of vulnerabilities, namely V1 and V2.
If a host has V1 vulnerability and an attacker
can establish network connection with this host, then the attacker can exploit
this vulnerability and gain completely control of this host. One of the
implications for the complete-control is that the attacker can instruct this
host to establish other hosts.
If a host has V2 vulnerability and an attacker
can establish network connections to it from at least two hosts simultaneously,
then this host can be compromised by the attacker, rendering the attacker full
control to this host.
Hosts and their corresponding vulnerabilities are presented
You will deliver a package that contains
README.txt to describe your compiling and
run-time environment. Team members will also be included in the README.txt.
You will be responsible for converting and integrating these
descriptions into a prolog-based model. Your model should be able to answer the
following question given a host:
Is it possible for this host to be compromised?
For the programming environment, B-Prolog is recommended.
Copyright © 2020 | Truelancer.com