Modeling Analysis of SM2 Construction Attacks in the Open Secure Sockets Layer Based on Petri Net

The detection and defense of malicious attacks are critical to the proper functioning of network security. Due to the diversity and rapid updates of the attack methods used by attackers, traditional defense mechanisms have been challenged. In this context, a more effective method to predict vulnerabilities in network systems is considered an urgent need to protect network security. In this paper, we propose a formal modeling and analysis approach based on Petri net vulnerability exploitation. We used the Common Vulnerabilities and Exposures (CVE)-2021-3711 vulnerability source code to build a model. A patch model was built to address the problems of this model. Finally, the time injected by the actual attacker and the time simulated by the software were calculated separately. The results showed that the simulation time was shorter than the actual attack time, and ultra-real-time simulation could be achieved. By modeling the network system with this method, the model can be found to arrive at an illegitimate state according to the structure of Petri nets themselves and thus discover unknown vulnerabilities. This method provides a reference method for exploring unknown vulnerabilities.