{"title":"指定和检查基于TLA的网络协议","authors":"Liang Wan, Wenchang Shi","doi":"10.1109/ICASID.2012.6325286","DOIUrl":null,"url":null,"abstract":"Network protocol vulnerability detection is paramount to network security. Formalization provides an important way for vulnerability detection. In this paper, we apply TLA, which is a powerful tool for formal analysis, to analyze network protocols. An approach is proposed that aims to detect vulnerabilities of a protocol effectively with the TLA, with the Kerberos protocol being taken as an example. Firstly, roles for the protocol, especially those related to intruders, are created. Then actions of the roles are specified. Sessions among the roles are built. And environment parameters are set. A prototype program is developed to implement the approach, which covers the model and the detection properties of the protocol. Experiments show that our approach is effective and powerful in specifying and checking a protocol, and it is better than SPIN and SMV.","PeriodicalId":408223,"journal":{"name":"Anti-counterfeiting, Security, and Identification","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-10-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Specifying and checking network protocol based on TLA\",\"authors\":\"Liang Wan, Wenchang Shi\",\"doi\":\"10.1109/ICASID.2012.6325286\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Network protocol vulnerability detection is paramount to network security. Formalization provides an important way for vulnerability detection. In this paper, we apply TLA, which is a powerful tool for formal analysis, to analyze network protocols. An approach is proposed that aims to detect vulnerabilities of a protocol effectively with the TLA, with the Kerberos protocol being taken as an example. Firstly, roles for the protocol, especially those related to intruders, are created. Then actions of the roles are specified. Sessions among the roles are built. And environment parameters are set. A prototype program is developed to implement the approach, which covers the model and the detection properties of the protocol. Experiments show that our approach is effective and powerful in specifying and checking a protocol, and it is better than SPIN and SMV.\",\"PeriodicalId\":408223,\"journal\":{\"name\":\"Anti-counterfeiting, Security, and Identification\",\"volume\":\"12 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-10-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Anti-counterfeiting, Security, and Identification\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICASID.2012.6325286\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Anti-counterfeiting, Security, and Identification","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICASID.2012.6325286","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Specifying and checking network protocol based on TLA
Network protocol vulnerability detection is paramount to network security. Formalization provides an important way for vulnerability detection. In this paper, we apply TLA, which is a powerful tool for formal analysis, to analyze network protocols. An approach is proposed that aims to detect vulnerabilities of a protocol effectively with the TLA, with the Kerberos protocol being taken as an example. Firstly, roles for the protocol, especially those related to intruders, are created. Then actions of the roles are specified. Sessions among the roles are built. And environment parameters are set. A prototype program is developed to implement the approach, which covers the model and the detection properties of the protocol. Experiments show that our approach is effective and powerful in specifying and checking a protocol, and it is better than SPIN and SMV.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
