Changes between Version 22 and Version 23 of ExDescLang


Ignore:
Timestamp:
Oct 11, 2010 3:17:31 PM (14 years ago)
Author:
sunshine
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • ExDescLang

    v22 v23  
    4848     * scan event generates traffic from A to B that exploits a vulnerability at B
    4949     * infection event at B executes some code that places a copy of malware at B with ability to auto-start
     50 Also note that I haven't said if each infected hosts scans ALL or SOME vulnerable hosts and how many. We should have a mechanism to specify this. Same comment goes for any "acts upon" relationship.
    5051
    5152 * '''Invariants:''' There are some in definition of topology and timeline above. No additional ones are needed here.
     
    5758   (in English: There must be two sets of hosts, at least two eligible peers and at least one leader. Nothing is said about relationship between sets so it's possible that there's an intersection between those that is non-empty.)
    5859 * '''Timeline of events: '''
    59    [[Image(wormwf.jpg)]]
    60    (in English: Each infected host generates scan events that target a vulnerable host - double line means one object acts upon another. There is at least one such event for a vulnerable host and at least one pair of scan+vulnerable host in the experiment. Once an infection event occurs on vulnerable host it transitions to an infected state. An infected host may scan other, non-vulnerable hosts).
     60   [[Image(peerwf.jpg)]]
     61   (in English: Each eligible peer contacts some other eligible peers asking them to peer with it. If they agree both go into "peer" state, otherwise they both revert to eligible peer state. In each of peer states (elpeer, maypeer, peer) this object may somehow learn about a leader and go into lpeer state in which it knows leader identity. In lpeer state it may learn about other leaders as well. An object in lpeer state receives some commands from the leader and may report back to the leader.).
    6162   Note that I haven't yet defined what scan and infection events mean. I have to do this somewhere but I think the right place for this would be a common repository of domain knowledge rather than attaching these per experiment class since many classes of experiments may need same definitions. Ultimately what I'd like to say in these definitions in plain English is:
    6263     * scan event generates traffic from A to B that exploits a vulnerability at B