A Novel Security Protocol Attack Detection Logic with Unique Fault Discovery Capability for Freshness Attacks and Interleaving Session Attacks

Jurcut Anca; Coffey Tom; Dojen Reiner

首页> 外文期刊>IEEE transactions on dependable and secure computing >A Novel Security Protocol Attack Detection Logic with Unique Fault Discovery Capability for Freshness Attacks and Interleaving Session Attacks

【24h】

A Novel Security Protocol Attack Detection Logic with Unique Fault Discovery Capability for Freshness Attacks and Interleaving Session Attacks

机译：一种新颖的安全协议攻击检测逻辑，具有针对新鲜攻击和交叉会话攻击的独特故障发现能力

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

This paper introduces a new logic-based technique for detecting security protocol weaknesses that are exploitable by freshness and interleaving session attacks. This technique is realised as a special purpose logic to be used throughout the protocol design stage, where a draft of the protocol is subjected to formal analysis prior to its publication or deployment. For any detected failures the analysis also reveals their cause, facilitating design corrections. The proposed Attack Detection Logic is introduced and its details, including the language, predicates, axioms, rules, semantics as well as soundness and completeness are presented. The effectiveness of the logic is evaluated in a case study, where it is demonstrated how to use the Attack Detection Logic as part of the design process of security protocols. Further, the logic is applied to a range of security protocols, including protocols with known weaknesses and protocols that are known to be secure. The logics ability to detect various attacks is established by demonstrating that for protocols with known weaknesses, at least one detection rule is activated and no detection rule is activated for protocols without weaknesses. This case study confirms the logics ability to detect design weaknesses exploitable by freshness and interleaving session attacks.

机译：本文介绍了一种新的基于逻辑的技术，用于检测安全协议漏洞，这些漏洞可被新鲜度和交错会话攻击利用。该技术被实现为在协议设计阶段中使用的专用逻辑，在该阶段中，协议草案在发布或部署之前要经过正式分析。对于任何检测到的故障，分析还可以揭示其原因，从而有助于设计更正。介绍了拟议的攻击检测逻辑，并介绍了其详细信息，包括语言，谓词，公理，规则，语义以及健全性和完整性。在案例研究中评估了该逻辑的有效性，并在其中演示了如何将攻击检测逻辑用作安全协议设计过程的一部分。此外，该逻辑被应用于一系列安全协议，包括具有已知弱点的协议和已知为安全的协议。通过证明对于具有已知弱点的协议，至少一个检测规则被激活，并且对于没有弱点的协议，没有检测规则被激活，来建立检测各种攻击的逻辑能力。该案例研究证实了逻辑能力能够检测可被新鲜度和交错会话攻击利用的设计弱点。

著录项

来源
《IEEE transactions on dependable and secure computing》 |2019年第6期|969-983|共15页
作者
Jurcut Anca; Coffey Tom; Dojen Reiner;
展开▼
作者单位

Univ Limerick Dept Elect & Comp Engn Limerick V94 T9PX Ireland;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类
关键词
Protocols; Cryptography; Authentication; Design methodology; Guidelines; Network protocols; protocol verification; algorithm; protocol design and analysis; security and privacy protection; authentication; verification;

机译：协议;密码学;认证;设计方法;准则;网络协议;协议验证;算法;协议设计和分析;安全和隐私保护;认证;验证;

相似文献

外文文献
中文文献
专利

1. Design guidelines for security protocols to prevent replay & parallel session attacks [J] . Anca D. Jurcut, Tom Coffey, Reiner Dojen Computers & Security . 2014,第sepa期

机译：安全协议的设计准则，以防止重放和并行会话攻击
2. Detection of Faults and Attacks Including False Data Injection Attack in Smart Grid Using Kalman Filter [J] . Manandhar K., Cao X., Hu F., Control of Network Systems, IEEE Transactions on . 2014,第4期

机译：使用卡尔曼滤波器检测智能电网中的故障和攻击，包括虚假数据注入攻击
3. A Security Protocol Resistant to Intermittent Position Trace Attacks and Desynchronization Attacks in RFID Systems [J] . Lijun Gao, Maode Ma, Yantai Shu, Wireless personal communications: An Internaional Journal . 2013,第4期

机译：一种可抵抗RFID系统中间歇性位置跟踪攻击和失步攻击的安全协议
4. A novel session layer protocol with enhanced rate and passive and active attack detection capabilities in quantum communication [C] . Halawa S.A., Elkamchouchi H.M. National Radio Science Conference . 2007

机译：一种新的会话层协议，具有增强的速率和无源和主动攻击检测能力在量子通信中
5. Analysis and Automated Discovery of Attacks in Transport Protocols [D] . Jero, Samuel C. 2018

机译：分析和自动发现传输协议中的攻击
6. Hereditary Angioedema: 454 Efficacy of Icatibant Versus Fresh Frozen Plasma for Attacks of Hereditary Angioedema: Analysis of Indivudual Symptoms by Attack Site [O] . Alicia Lara, M. Esthela Hernandez 2012

机译：遗传性血管性水肿：454度伊卡替班与新鲜冷冻血浆对遗传性血管性水肿发作的疗效：按发作部位分析个别症状
7. A Novel Security Protocol Attack Detection Logic with Unique Fault Discovery Capability for Freshness Attacks and Interleaving Session Attacks [O] . Anca Jurcut, Tom Coffey, Reiner Dojen 2019

机译：一种新的安全协议攻击检测逻辑，具有唯一故障发现能力的新鲜度攻击和交错会话攻击

A Novel Security Protocol Attack Detection Logic with Unique Fault Discovery Capability for Freshness Attacks and Interleaving Session Attacks

摘要

著录项

相似文献

相关主题

期刊订阅