A Novel Security Protocol Attack Detection Logic with Unique Fault Discovery Capability for Freshness Attacks and Interleaving Session Attacks

Jurcut, Anca Delia; Coffey, Tom; Dojen, Reiner

doi:10.1109/tdsc.2017.2725831

Cited by 13 publications

(17 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In 2017, Jurcut, Coffey and Dojen [21] proposed a novel logic with attack detection capabilities for the formal verification of cryptographic security protocols. This logic, referred to as the Attack Detection Logic, expands the capabilities of existing logic-based verification techniques, by adding attack detection to their traditional role of proving that protocols meet their security goals.…”

Section: Logic-based Technique For Formal Verification Of Securitmentioning

confidence: 99%

“…This section outlines a prototype implementation of the Attack Detection Logic theory [21], which was integrated into an existing logic-based verification tool CDVT [22]. The CDVT tool uses a process of deductive reasoning based on Layered Proving Tree theoretical concept [17] to produce the verification results.…”

Section: Automation Of Attack Detection Logic Theorymentioning

confidence: 99%

“…This paper is concerned with the use of logic techniques for the formal analysis of security protocols. We demonstrate the application of a recently proposed technique, which was realised as a special purpose logic for attack detection [21]. The Attack Detection Logic expands the capabilities of logic-based verification techniques, by adding attack detection to their traditional role of proving that protocols meet their security goals.…”

mentioning

confidence: 99%

See 2 more Smart Citations

Automated Logic-Based Technique for Formal Verification of Security Protocols

Jurcut¹

2018

JACN

View full text Add to dashboard Cite

 Abstract-The design of secure protocols is complex and prone to error. Formal verification is an imperative step in the design of security protocols and provides a rigid and thorough means of evaluating the correctness of security protocols. This paper discusses the process of formal verification using a logic-based technique for detecting protocol weaknesses that are exploitable by freshness and interleaving attacks. This technique is realised as a special purpose logic for attack detection that can be used throughout the design stage, i.e. it subjects a draft of a protocol to formal analysis prior to its publication or deployment. For any detected failure the analysis will also reveal reasons for the weaknesses, facilitating design corrections. A summary of the attack detection logic is presented and its ability to detect weaknesses is demonstrated by applying it to a smart-card based authentication protocol. Further, a prototype implementation of the attack detection logic theory is introduced. An empirical study is presented that assesses the effectiveness and efficiency of the proposed automated technique by applying it to a set of protocols, incorporating some with known vulnerabilities and some that are known to be secure. This study confirms the ability of the technique to detect all design weaknesses. Additionally, it establishes the efficiency of the verification technique, in terms of memory requirements (study was carried out on a computing platform of 2GB of RAM) and execution times (milliseconds) required for protocol verification. Index Terms-Attacks, formal verification, logic-based verification tool security protocols. I. INTRODUCTIONThe security of electronic networks and information systems is a critical issue for the use of new technologies in many fields of life. The massive growth in communications, in particular in the wireless sector and internet of things, causes an ever changing environment for today"s communication services. Security protocols are required to ensure the security of both the communications infrastructure itself and the information that runs through it. Designing error-free security protocols that are impervious to attack techniques, such as freshness and interleaving sessions (i.e. impersonation attacks, man-in-the-middle attacks, oracle attacks, multiplicity attacks and other types of parallel session attacks) is an extremely challenging task [1]. The challenge comes mainly from the difficulty of foreseeing all possible operative scenarios of an attacker, which can include concurrent execution of several protocol sessions and various different attack strategies. For example, in a freshness attack the adversary uses components of the messages from previous

show abstract

Section: Logic-based Technique For Formal Verification Of Securitmentioning

confidence: 99%

Section: Automation Of Attack Detection Logic Theorymentioning

confidence: 99%

mentioning

confidence: 99%

See 1 more Smart Citation

Automated Logic-Based Technique for Formal Verification of Security Protocols

Jurcut¹

2018

JACN

View full text Add to dashboard Cite

show abstract

“…In addition, logics have the advantages of being decidable and efficiently computable and thus can completely be automated. We use CDVT/AD verification tool [8], [9], [13] in this research, which is an automated system that implements a modal logic of knowledge and an attack detection theory. This tool can analyze the evolution of both knowledge and belief during a protocol execution and therefore is useful in addressing issues of both security and trust.…”

Section: Logic-based Verification Of Protocolsmentioning

confidence: 99%

“…The CDVT/AD verification tool [8], [9] is used to establish the correctness of the authentication session of MSCP. Further, any vulnerability in the design of the verified protocol that can be exploited by freshness and interleaving session attacks will be highlighted by the verification tool.Prior to verification, the protocol must be formally expressed using the language of the verification tool before verification starts.…”

Section: Formal Verification Of Mscpmentioning

confidence: 99%

On the security verification of a short message service protocol

Jurcut

Liyanage

Chen

et al. 2018

2018 IEEE Wireless Communications and Networking Conference (WCNC)

View full text Add to dashboard Cite

Short Message Service (SMS) is a text messaging service component of smart phones, web, or mobile communication systems which requires a high level of security to provide user authentication and data confidentiality. To provide such security features, a high security communication protocol for SMS, called Message Security Communication Protocol (MSCP) was proposed. In this paper, MSCP is formally analyzed using an automated logic-based verification tool with attack detection capabilities. The performed formal verification reveals that the proposed protocol is susceptible to parallel session and denial-ofservice (DoS) attacks. The reasoning why these attacks are possible is detailed and an amended protocol is proposed to counter the identified attacks. Formal verification of the amended protocol provides confidence regarding the correctness and effectiveness of the proposed modifications.

show abstract

Introduction to IoT Security

Jurcut¹,

Ranaweera²,

Xu³

2019

Wiley 5G Ref

View full text Add to dashboard Cite

In a world with “things” and devices interconnected at every level, from wearables to home and building automation, to smart cities and infrastructure, to smart industries, and to smart‐everything, the Internet of Things (IoT) security plays a central role with no margin for error or shortage on supply. Securing, including authentication of these devices, will become everyone's priority, from manufacturers to silicon vendors (or IP developers), to software and application developers, and to the final consumer, the beneficiaries of the security “recipe” that will accompany these IoT products. Together, all consumers of these products need to adapt to the market demands, innovate, and improve processes, grasp new skills and learn new methods, raise awareness and embrace new training and curricula programs. In this article, we provide a thorough survey and classification of the existing vulnerabilities, exploitable attacks, possible countermeasures as well as access control mechanisms including authentication and authorization. These challenges are addressed in detail considering both the technologies and the architecture used. Furthermore, this work also focuses also on IoT intrinsic vulnerabilities as well as the security challenges at every layer. In addition, solutions for remediation of the compromised security, as well as methods for risk mitigation, with prevention and suggestions for improvement are discussed.

show abstract

A Novel Security Protocol Attack Detection Logic with Unique Fault Discovery Capability for Freshness Attacks and Interleaving Session Attacks

Cited by 13 publications

References 39 publications

Automated Logic-Based Technique for Formal Verification of Security Protocols

Automated Logic-Based Technique for Formal Verification of Security Protocols

On the security verification of a short message service protocol

Introduction to IoT Security

Contact Info

Product

Resources

About