P. Narayana, Ruiming Chen, Yao Zhao, Yan Chen, Z. Fu, Hai Zhou
{"title":"基于TLA+的IEEE 802.16 WiMAX协议漏洞自动检测","authors":"P. Narayana, Ruiming Chen, Yao Zhao, Yan Chen, Z. Fu, Hai Zhou","doi":"10.1109/NPSEC.2006.320346","DOIUrl":null,"url":null,"abstract":"Vulnerability analysis is indispensably the first step towards securing a network protocol, but currently remains mostly a best effort manual process with no completeness guarantee. Formal methods are proposed for vulnerability analysis and most existing work focus on security properties such as perfect forwarding secrecy and correctness of authentication. However, it remains unclear how to apply these methods to analyze more subtle vulnerabilities such as denial-of-service (DoS) attacks. To address this challenge, in this paper, we propose use of TLA+ to automatically check DoS vulnerability of network protocols with completeness guarantee. In particular, we develop new schemes to avoid state space explosion in property checking and to model attackers' capabilities for finding realistic attacks. As a case study, we successfully identify threats to IEEE 802.16 air interface protocols.","PeriodicalId":206067,"journal":{"name":"2006 2nd IEEE Workshop on Secure Network Protocols","volume":"85 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"27","resultStr":"{\"title\":\"Automatic Vulnerability Checking of IEEE 802.16 WiMAX Protocols through TLA+\",\"authors\":\"P. Narayana, Ruiming Chen, Yao Zhao, Yan Chen, Z. Fu, Hai Zhou\",\"doi\":\"10.1109/NPSEC.2006.320346\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Vulnerability analysis is indispensably the first step towards securing a network protocol, but currently remains mostly a best effort manual process with no completeness guarantee. Formal methods are proposed for vulnerability analysis and most existing work focus on security properties such as perfect forwarding secrecy and correctness of authentication. However, it remains unclear how to apply these methods to analyze more subtle vulnerabilities such as denial-of-service (DoS) attacks. To address this challenge, in this paper, we propose use of TLA+ to automatically check DoS vulnerability of network protocols with completeness guarantee. In particular, we develop new schemes to avoid state space explosion in property checking and to model attackers' capabilities for finding realistic attacks. As a case study, we successfully identify threats to IEEE 802.16 air interface protocols.\",\"PeriodicalId\":206067,\"journal\":{\"name\":\"2006 2nd IEEE Workshop on Secure Network Protocols\",\"volume\":\"85 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-11-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"27\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2006 2nd IEEE Workshop on Secure Network Protocols\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NPSEC.2006.320346\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 2nd IEEE Workshop on Secure Network Protocols","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NPSEC.2006.320346","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Automatic Vulnerability Checking of IEEE 802.16 WiMAX Protocols through TLA+
Vulnerability analysis is indispensably the first step towards securing a network protocol, but currently remains mostly a best effort manual process with no completeness guarantee. Formal methods are proposed for vulnerability analysis and most existing work focus on security properties such as perfect forwarding secrecy and correctness of authentication. However, it remains unclear how to apply these methods to analyze more subtle vulnerabilities such as denial-of-service (DoS) attacks. To address this challenge, in this paper, we propose use of TLA+ to automatically check DoS vulnerability of network protocols with completeness guarantee. In particular, we develop new schemes to avoid state space explosion in property checking and to model attackers' capabilities for finding realistic attacks. As a case study, we successfully identify threats to IEEE 802.16 air interface protocols.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
