Reverse analysis of secure communication protocol based on taint analysis

机译：基于异味分析的安全通信协议反向分析

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

To maintain communications confidentiality, security protocols are widely used in more and more network applications. Moreover, some malwares even leverage these kinds of protocols to evade inspection by IDS. Most security protocols are designed and verified by formalized methods; however, observation shows that protocol implementations commonly contain flaws or vulnerabilities. Therefore, research on reverse engineering of security protocols can play an important role in improving the security of network applications, especially by providing another way to fight against malwares. Nevertheless, previous protocol reverse engineering technologies, which are based on analysis of network traces, encounter great challenges when the network messages transmitted between different protocol principals are encrypted. This paper proposes a taint analysis based method, which aims to infer the message format from dynamic execution of security protocol applications. The proposed approach is based on the observation that the process of message parsing in cryptographic protocol applications reveals rich information about the hierarchical structures and semantics of their messages. Hence, by observing calls to library function and instruction execution in network programs, the proposed approach can reverse derive large amount of information about their protocol, such as message format and protocol model, even the communication is encrypted. Experiments show that the reverse analysis results not only accurately identify message fields, but also unveil the structure of the encrypted message fields.

机译：为了维护通信的机密性，安全协议被越来越多的网络应用广泛使用。此外，某些恶意软件甚至利用这些协议来逃避IDS的检查。大多数安全协议都是通过形式化的方法设计和验证的。但是，观察表明协议实现通常包含缺陷或漏洞。因此，对安全协议的逆向工程的研究可以在提高网络应用程序的安全性方面发挥重要作用，特别是通过提供另一种对抗恶意软件的方式。尽管如此，当对不同协议主体之间传输的网络消息进行加密时，基于网络跟踪分析的先前协议反向工程技术仍面临巨大挑战。本文提出了一种基于异味分析的方法，旨在从安全协议应用程序的动态执行中推断出消息格式。提出的方法基于以下观察：密码协议应用程序中的消息解析过程揭示了有关其消息的层次结构和语义的丰富信息。因此，通过观察对网络程序中库函数的调用和指令在执行中的执行，即使通信被加密，所提出的方法也可以反向推导有关其协议的大量信息，例如消息格式和协议模型。实验表明，反向分析结果不仅可以准确识别消息字段，而且还揭示了加密消息字段的结构。

著录项

来源
《2014 Communications security conference》|2014年|1-8|共8页
会议地点 Beijing(CN)
作者
Meijian Li; Wang Yongjun; Xie Peidai; Zhijian Huang;
展开▼
作者单位

National University of Defense Technology, Computer College, China;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类
关键词
Dynamic-Binary-Analysis; Protocol-Format; Protocol-Reverse-Engineering; Security-Protocol; Taint-Analysis;

机译：动态二进制分析;协议格式;协议逆向工程;安全协议;污染分析;;

相似文献

外文文献
中文文献
专利

1. Cryptanalysis of Controlled Quantum Secure Direct Communication and Authentication Protocol Based on Five-Particle Cluster State and Quantum One-Time Pad [J] . Liu Zhihao, Chen Hanwu, Liu Wenjie International Journal of Theoretical Physics: A Journal of Original Research and Reviews in Theoretical Physics and Related Mathematics, Dedicated to the Unification of Physics . 2016,第10期

机译：基于五粒子群状态和量子一次性填充的受控量子安全直接通信与认证协议的密码分析
2. Cryptanalysis and improvement of quantum secure communication network protocol with entangled photons for mobile communications [J] . Gao Gan Physica Scripta: An International Journal for Experimental and Theoretical Physics . 2014,第12期

机译：纠缠光子量子安全通信网络协议的密码分析与改进
3. A comparative study of protocols for secure quantum communication under noisy environment: single-qubit-based protocols versus entangled-state-based protocols [J] . Sharma Vishal, Thapliyal Kishore, Pathak Anirban, Quantum information processing . 2016,第11期

机译：嘈杂环境下安全量子通信协议的比较研究：基于单量子位的协议与基于纠缠态的协议
4. Behavioral Pattern Analysis of Secure Migration and Communications in eCommerce using Cryptographic Protocols on a Mobile MAS Platform [C] . Pozo, S., Gasca, . 2005

机译：在移动MAS平台上使用加密协议的电子商务中安全迁移和通信的行为模式分析
5. Efficient Implementation and Computational Analysis of Privacy-preserving Protocols for Securing the Financial Markets [D] . Alvarez, Ramiro. 2018

机译：隐私保护协议的有效实现和计算分析，以保护金融市场
6. The effectiveness of information and communication technology-based psychological interventions for paediatric chronic pain: protocol for a systematic review meta-analysis and intervention content analysis [O] . Angeline Traynor, Eimear Morrissey, Jonathan Egan, 2016

机译：基于信息和通信技术的心理干预对小儿慢性疼痛的有效性：系统评价荟萃分析和干预内容分析的方案
7. Performance Analysis of Cluster Based Communication Protocols for Energy Efficient Wireless Sensor Networks. Design, Analysis and Performance Evaluation of Communication Protocols under Various Topologies to Enhance the Lifetime of Wireless Sensor Networks. [O] . Bajaber Fuad G. 2010

机译：节能无线传感器网络基于群集的通信协议的性能分析。各种拓扑下通信协议的设计，分析和性能评估，以延长无线传感器网络的使用寿命。

Reverse analysis of secure communication protocol based on taint analysis

摘要

著录项

相似文献

相关主题

期刊订阅