Security protocol vulnerability mining method based on multiple reverse cases

A security protocol and vulnerability mining technology, applied in electrical components, transmission systems, etc., can solve the problems of state space explosion, proof, no unified and accurate method, etc., to reduce workload, improve accuracy and efficiency.

Inactive Publication Date: 2019-09-03
UNIV OF ELECTRONIC SCI & TECH OF CHINA
View PDF5 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For example, the logical method needs to use logical language to describe the protocol before verifying the protocol, which is an idealized protocol. There is no unified and accurate method for this process, so that the formal idea cannot be carried out to the end.
In addition, since logic methods are based on assumptions and reasoning, the correctness of the assumptions will directly affect the correctness of the conclusions,

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security protocol vulnerability mining method based on multiple reverse cases
  • Security protocol vulnerability mining method based on multiple reverse cases
  • Security protocol vulnerability mining method based on multiple reverse cases

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0040] This method is extended on the basis of model checking. In the process of model checking, the concept of node weight is introduced, and counter-examples are analyzed, and the information in multiple counter-examples is integrated to mine vulnerabilities in security protocols. The general idea is as follows: protocol modeling-model checking-elimination of similar counterexamples-analysis of numerous counterexamples, mining protocol vulnerabilities. The specific process diagram is as figure 1 As shown, a specific description will be given below.

[0041] A security protocol vulnerability mining method based on multiple counterexamples of the present invention includes the following steps:

[0042] S1. Use promela language to model the security protocol that needs to be verified, and save it as a .pml file format; in step S1, you first need to use promela language to model the security protocol, and the nspk protocol is used as an example for illustration. The protocol has th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a security protocol vulnerability mining method based on multiple reverse cases, which comprises the following steps: S1, modeling a security protocol required to be verified by using a promela language, and storing the security protocol in a .pml file format; S2, reducing the security property of a protocol, and expressing the security property in an LTL form; S3, verifying the security protocol in a manner of searching for an inverse example; S4, eliminating similar inverse cases, wherein an editing distance method is used for measuring a weight sequence of the inverse cases, and eliminating the similar inverse cases; then further eliminating similar reverse examples by using a method of comparing the attack path graphs; and S5, processing the residual reverse case set in the step S4 by using a statistical method. According to the method, a weight concept is introduced in a model detection stage, weight sequences in inverse cases are further compared, and similar inverse cases are eliminated. In the inverse case analysis stage, a statistical method is used for processing a large number of redundant inverse cases, so that the analysis process of the inversecases is more automatic, and the accuracy and efficiency of security protocol analysis are improved.

Description

technical field [0001] The invention belongs to the technical field of network space security, and in particular relates to a security protocol loophole mining method based on multiple negative examples. Background technique [0002] With the advent of the information age and the gradual improvement and maturity of computer technology, information has penetrated into every aspect of human life. From basic necessities of life to national defense, aviation, and industry, information is inseparable, and the carrier of information is the Internet. This information facilitates people's daily life, promotes social development, and promotes the progress of human economy and civilization. When there is a problem with information security, it will affect people's clothing, food, housing and transportation, and cause huge losses to the national economy and people's livelihood. To ensure information security, reliable security protocols are essential. [0003] Security protocols, also...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1433
Inventor 吴立军张卫杰李亚林
Owner UNIV OF ELECTRONIC SCI & TECH OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap