Application Research of Inject Attack Sequence Searching Algorithm for Secu-rity Protocol Verification*

doi:10.3778/j.issn.1673-9418.2010.07.004

Journal of Frontiers of Computer Science and Technology ›› 2010, Vol. 4 ›› Issue (7): 608-616.DOI: 10.3778/j.issn.1673-9418.2010.07.004

• 学术研究 • Previous Articles Next Articles

Application Research of Inject Attack Sequence Searching Algorithm for Secu-rity Protocol Verification*

HAN Jin ⁺; XIE Junyuan

State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing 210093, China

Received:1900-01-01 Revised:1900-01-01 Online:2010-07-14 Published:2010-07-14
Contact: HAN Jin

注入攻击序列搜索算法对安全协议的验证研究*

韩进⁺ ;谢俊元

南京大学计算机软件新技术国家重点实验室, 南京 210093

通讯作者: 韩进

Abstract

Abstract: It is concluded that the inject attack is the necessary method for D-Y attacker to get its aim. Based on the analysis of the inject attack sequence, an inject attack searching algorithm is presented, and a new security protocol verification approach, which based on the algorithm, is also presented. The NS protocol is verified by the approach in the paper, and the experiment shows that the approach can realize automatic security protocol verification, reduce the complexity of security protocol verification, and give attack ways according to the protocol flaws.

Key words: security protocol, verification, inject attack sequence

摘要： 通过对D-Y攻击者模型研究, 可知注入攻击是攻击者实现其攻击目标的必要手段。对注入攻击序列的性质进行分析, 提出了一种在安全协议会话状态空间中搜索注入攻击序列的算法, 基于该算法可实现一种新的安全协议验证方法。利用该方法实现了NS公钥协议的验证。实验表明该方法可以实现对安全协议的自动化验证, 降低了验证的复杂度, 并能给出安全协议漏洞的具体攻击方法。

关键词: 安全协议, 验证分析, 注入攻击序列

CLC Number:

TP393.08

HAN Jin ⁺; XIE Junyuan

. Application Research of Inject Attack Sequence Searching Algorithm for Secu-rity Protocol Verification*[J]. Journal of Frontiers of Computer Science and Technology, 2010, 4(7): 608-616.

韩进+ ;谢俊元 . 注入攻击序列搜索算法对安全协议的验证研究*[J]. 计算机科学与探索, 2010, 4(7): 608-616.

[1]	ZHANG Jun. SCVerify: Verification of Software Implementation Against Power Side-Channel Attacks [J]. Journal of Frontiers of Computer Science and Technology, 2021, 15(6): 1074-1083.
[2]	GUO Fan, FAN Weiwei. Analysis and Verification on SQLIA Vulnerability for Java EE Programs [J]. Journal of Frontiers of Computer Science and Technology, 2021, 15(2): 270-283.
[3]	CHEN Qinkuang, CHEN Ke, WU Sai, SHOU Lidan, CHEN Gang. Research About Knowledge Graph Completion Based on Active Learning [J]. Journal of Frontiers of Computer Science and Technology, 2020, 14(5): 769-782.
[4]	JIA Dayu, XIN Junchang, WANG Zhiqiong, GUO Wei, WANG Guoren. Storage Capacity Scalable Model for Blockchain [J]. Journal of Frontiers of Computer Science and Technology, 2018, 12(4): 525-535.
[5]	ZHU Yi, HUANG Zhiqiu, ZHOU Hang. Formal Method for Verifying BPEL Model Used by Functional Programming Language [J]. Journal of Frontiers of Computer Science and Technology, 2018, 12(2): 185-196.
[6]	DAI Hua, WANG Min, YI Xun, YANG Geng, YE Qingqun. Survey of Secure MAX/MIN Query Processing in Wireless Sensor Networks [J]. Journal of Frontiers of Computer Science and Technology, 2017, 11(8): 1191-1203.
[7]	WU Zhipeng, HU Jun, CHEN Song, SHI Jiaojie. Safety Verification Methodology of Embedded System Based on AltaRica Model [J]. Journal of Frontiers of Computer Science and Technology, 2017, 11(1): 24-36.
[8]	QIN Xiaoqian, TAN Xiaoyang, CHEN Songcan. Kinship Verification Through Large Margin Bilinear Classifier [J]. Journal of Frontiers of Computer Science and Technology, 2016, 10(4): 524-532.
[9]	HU Jun, MA Jinjing, LIU Xue, CHENG Zhen, SHI Jiaojie, HUANG Zhiqiu. Model-Driven Reconfiguration Information Verification for Safety-Critical Systems [J]. Journal of Frontiers of Computer Science and Technology, 2015, 9(4): 385-402.
[10]	WANG Dan, CHANG Jiansheng, ZHAO Wenbing. Verification Model for Trustworthiness of Interaction between Software Components with Pi-calculus [J]. Journal of Frontiers of Computer Science and Technology, 2012, 6(5): 419-429.
[11]	JIANG Caoqing, YING Shi, WEN Jing, JIA Xiangyang, GUAN Hua. Verification of Termination for Exception Handling Process in Service-Oriented Software [J]. Journal of Frontiers of Computer Science and Technology, 2012, 6(3): 208-220.
[12]	HE Yanxiang^1,2+, WU Wei², LIU Tao², LI Qingan², CHEN Yong², HU Minghao², LIU Jianbo²,SHI Qian². Theory and Key Implementation Techniques of Trusted Compiler: A Survey [J]. Journal of Frontiers of Computer Science and Technology, 2011, 5(1): 1-22.
[13]	YANG Pingping^1,2, DU Xiaoyong^1,2+, WANG Jieping^1,2. Integrity Verification Based on Bucket Index in DAS Model [J]. Journal of Frontiers of Computer Science and Technology, 2010, 4(5): 426-435.
[14]	LI Xuesi+， MAO Xinjun， DONG Menggao . Agent Entity Self-evolving Software Technique and Supporting Environment [J]. Journal of Frontiers of Computer Science and Technology, 2010, 4(4): 312-323.
[15]	LI Jun+, YUAN Aidong, GAO Jiangang. The design and verification of a broadcast-based cache coherence protocol [J]. Journal of Frontiers of Computer Science and Technology, 2008, 2(5): 545-552.

Application Research of Inject Attack Sequence Searching Algorithm for Secu-rity Protocol Verification*

注入攻击序列搜索算法对安全协议的验证研究*

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics