00 - Propositional Logic - Jason E. Johnson

# 🔐Why We Study Propositional Logic in Cybersecurity ### _The Language of Security Rules and Automated Defense_ --- > **Propositional logic** is the foundation of how security systems make decisions. Every firewall rule, access policy, and intrusion detection signature translates human security intentions into precise logical statements. By mastering propositions, conjunctions, disjunctions, and implications, cybersecurity professionals can write unambiguous rules that protect systems exactly as intended—with no room for exploitation through logical loopholes. --- ## 🛡️ Security Policy Formalization Security policies are translated into logical propositions. _"If a user is authenticated AND has admin privileges, THEN grant access"_ becomes: ``` (p ∧ q) → r ``` This precision eliminates ambiguity that attackers exploit. --- ## 🔍 Malware Detection Rules Antivirus signatures use logical expressions to identify threats. A rule might trigger when a file exhibits **behavior A** OR **behavior B**, but NOT if it's signed by a trusted vendor: ``` (A ∨ B) ∧ ¬T ``` --- ## 🔑 Authentication Logic Multi-factor authentication relies on logical conditions. Access requires **password correctness** AND (**biometric match** OR **security token**): ``` p ∧ (b ∨ t) ``` Each factor is a proposition combined with logical operators. --- ## 📊 SIEM Alert Correlation Security Information and Event Management systems use propositional logic to correlate alerts. Complex attack patterns are detected through chains of implications linking individual events to threat conclusions. --- ## 💡 Real-World Example: Firewall Rule Logic A firewall rule translated into propositional logic: |Variable|Meaning| |:-:|:--| |**p**|Source IP is internal| |**q**|Destination port is 443| |**r**|Connection uses TLS 1.3| ### The Rule ``` (p ∧ q ∧ r) → ALLOW ``` ### The Contrapositive ``` ¬ALLOW → (¬p ∨ ¬q ∨ ¬r) ``` This logical formulation ensures traffic is only allowed when **all three conditions** are met. The contrapositive helps security analysts understand: if traffic was blocked, at least one condition failed—enabling precise troubleshooting and audit trails. --- > _Propositional logic transforms vague security intentions into precise, enforceable rules—the difference between hoping systems are secure and **proving** they are._