Security protocol vulnerability mining method based on multiple reverse cases

Abstract

The invention discloses a security protocol vulnerability mining method based on multiple reverse cases, which comprises the following steps: S1, modeling a security protocol required to be verified by using a promela language, and storing the security protocol in a .pml file format; S2, reducing the security property of a protocol, and expressing the security property in an LTL form; S3, verifying the security protocol in a manner of searching for an inverse example; S4, eliminating similar inverse cases, wherein an editing distance method is used for measuring a weight sequence of the inverse cases, and eliminating the similar inverse cases; then further eliminating similar reverse examples by using a method of comparing the attack path graphs; and S5, processing the residual reverse case set in the step S4 by using a statistical method. According to the method, a weight concept is introduced in a model detection stage, weight sequences in inverse cases are further compared, and similar inverse cases are eliminated. In the inverse case analysis stage, a statistical method is used for processing a large number of redundant inverse cases, so that the analysis process of the inversecases is more automatic, and the accuracy and efficiency of security protocol analysis are improved.

Description

technical field [0001] The invention belongs to the technical field of network space security, and in particular relates to a security protocol loophole mining method based on multiple negative examples. Background technique [0002] With the advent of the information age and the gradual improvement and maturity of computer technology, information has penetrated into every aspect of human life. From basic necessities of life to national defense, aviation, and industry, information is inseparable, and the carrier of information is the Internet. This information facilitates people's daily life, promotes social development, and promotes the progress of human economy and civilization. When there is a problem with information security, it will affect people's clothing, food, housing and transportation, and cause huge losses to the national economy and people's livelihood. To ensure information security, reliable security protocols are essential. [0003] Security protocols, also...

AI Technical Summary

Problems solved by technology

For example, the logical method needs to use logical language to describe the protocol before verifying the protocol, which is an idealized protocol. There is no unified and accurate method for this process, so that the formal idea cannot be carried out to the end.

In addition, since logic methods are based on assumptions and reasoning, the correctness of the assumptions will directly affect the correctness of the conclusions, but most logics fail to provide proofs of these properties

The disadvantage of the theorem proving method is: when the protocol is insecure, the method cannot give an attack path and a counterexample

The main disadvantage of the model detection method is that when the system is more complex, the state space will become very large, that is, the state space explosion problem, and the detection process may not terminate at this time

Images