Security protocol vulnerability mining method based on multiple reverse cases

A security protocol vulnerability mining technique, classified under electrical components and transmission systems, that addresses the problems of state space explosion, proof-based methods and the lack of a unified, accurate method, thereby reducing workload and improving accuracy and efficiency.

Inactive Publication Date: 2019-09-03
UNIV OF ELECTRONIC SCI & TECH OF CHINA
Cites: 5; Cited by: 12

AI-Extracted Technical Summary

Problems solved by technology

For example, the logical method must first describe the protocol in a logical language, which yields an idealised protocol, before the protocol can be verified. There is no unified and accurate method for this idealisation step, so the formal approach cannot be carried through to the end.
In addition, since logic methods rest on assumptions and reasoning, the correctness of the assumptions directly affects the correctness of the conclusions, ...

Abstract

The invention discloses a security protocol vulnerability mining method based on multiple counterexamples, which comprises the following steps: S1, modelling the security protocol to be verified in the promela language and storing it in .pml file format; S2, specifying the security property of the protocol and expressing it in LTL form; S3, verifying the security protocol by searching for counterexamples; S4, eliminating similar counterexamples, where an edit distance method measures the weight sequences of the counterexamples and similar counterexamples are eliminated, and then further eliminating similar counterexamples by comparing their attack path graphs; and S5, processing the counterexample set remaining after step S4 with a statistical method. The method introduces the concept of a weight in the model checking stage, compares the weight sequences of counterexamples, and eliminates similar counterexamples. In the counterexample analysis stage a statistical method processes the large number of redundant counterexamples, so that counterexample analysis is more automatic and the accuracy and efficiency of security protocol analysis are improved.

Example Embodiment

[0040] This method extends model checking. During model checking the concept of node weight is introduced, counterexamples are analysed, and the information in multiple counterexamples is integrated to mine vulnerabilities in the security protocol. The general idea is: protocol modelling, model checking, elimination of similar counterexamples, analysis of the numerous counterexamples, and mining of protocol vulnerabilities. The specific process is shown in figure 1 and described below.
[0041] A security protocol vulnerability mining method based on multiple counterexamples of the present invention includes the following steps:
[0042] S1. Use the promela language to model the security protocol to be verified and save it in .pml file format. In step S1 the security protocol must first be modelled in promela; the nspk protocol is used as an example. The protocol has three participants, the initiator, the responder and the intruder, which exchange messages through a channel chan. Under the Dolev-Yao (DY) model the attacker can intercept messages in the channel and use its existing knowledge set to construct and forward new messages in order to carry out the attack. In this example promela is used to describe the activities of the three participants precisely and so extract the protocol model.
[0043] S2. Specify the security property of the protocol and express it in LTL form;
[0044] S3. Use the .pml file from S1 and the LTL security property from S2 as input to the model checker, set the maximum stack depth, the maximum number of counterexamples at which the search terminates and the verification mode parameters, and verify the security protocol by searching for counterexamples. During verification the weight value of each state node is computed; whenever a counterexample is found, the counterexample and the weight sequence of its state nodes are returned and saved as a .trail file, until the entire state space has been traversed;
[0045] In step S3 the protocol model is model checked. Unlike traditional model checking, weights are introduced into the Kripke structure in preparation for the subsequent elimination of similar counterexamples. The original Kripke structure is the four-tuple M = (S, s_0, R, L); the improved Kripke structure is the five-tuple M = (S, s_0, R, L, ω), where ω is the weight of the introduced node. The specific implementation of step S3 is: abstract the state space of the security protocol model into a directed graph, traverse the directed graph with a depth-first search, and check whether each state node satisfies the security property of step S2 until the entire state space graph has been traversed; whenever a counterexample is found during detection, it is saved and the weight value of each of its nodes is recorded in the .trail file. On-the-fly reduction is used during the search, so time performance is also greatly improved.
[0046] S4. Eliminate similar counterexamples: use edit distance method to measure the weight sequence of counterexamples, eliminate similar counterexamples, keep only one in each type of counterexample set; then use the method of comparing attack path graphs to further eliminate similar counterexamples;
[0047] The similar counterexample is defined as: if two or more counterexamples correspond to the same attack path graph, then they are similar counterexamples.
[0048] The elimination is defined as: the process of retaining one of many similar counterexamples and removing other counterexamples is called elimination of counterexamples.
[0049] An attack path graph is defined as a graphical representation of the attack process corresponding to a counterexample. The most common attack on the nspk protocol is taken as an example, as shown in figure 2.
[0050] The specific implementation of step S4 is as follows: the criterion for measuring the similarity of two counterexamples is the distance between their node weight sequences; the edit distance is used to measure the distance between weight sequences; the recurrence of the edit-distance dynamic programming algorithm is:
[0051] d_{i0} = i for 1 ≤ i ≤ m
[0052] d_{0j} = j for 1 ≤ j ≤ n
[0053]
[0054] d_{ij} is the edit distance between the subsequence formed by the first i elements of the first sequence and the subsequence formed by the first j elements of the second sequence; m and n are the lengths of the two sequences;
[0055] S4 specifically includes the following sub-steps:
[0056] S41. Set a weight threshold W and extract the weight sequence of each counterexample: the weight values of the counterexample that are greater than the threshold W;
[0057] S42. The user sets a similarity threshold S and uses the edit distance method to compare the similarity of the weight sequences of two counterexamples; if the similarity is greater than S, the two counterexamples are considered similar and the newly added counterexample is deleted. Repeat until the counterexample set contains no counterexamples with very similar weight sequences. The elimination process is shown in figure 3.
[0058] S43. For each counterexample in the remaining set: execute the counterexample in the model checker, generate its corresponding attack path graph, and extract the message communication content between the protocol entities while generating the graph; use string comparison to confirm whether the message content between entities is the same, and if so eliminate either one of the counterexamples, otherwise do nothing. The specific model is shown in figure 4.
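The weight-sequence elimination of S41 and S42 as an added example (this is not the patent's own code). A counterexample is represented as the list of node weights saved in its .trail file; the edit distance is the standard Levenshtein recurrence, the similarity normalisation and the four sample traces are assumptions constructed for illustration.

```python
# Added example (not the patent's own code): step S4's weight-sequence
# elimination (S41/S42). A counterexample is a list of node weights as saved in
# the .trail file; the four traces below are constructed for illustration.
from typing import List

def edit_distance(a: List[int], b: List[int]) -> int:
    """Levenshtein distance by dynamic programming: d[i][0] = i, d[0][j] = j,
    then d[i][j] = min(delete, insert, substitute) over the two prefixes."""
    m, n = len(a), len(b)
    d = [[0] * (n + 1) for _ in range(m + 1)]
    for i in range(1, m + 1):
        d[i][0] = i
    for j in range(1, n + 1):
        d[0][j] = j
    for i in range(1, m + 1):
        for j in range(1, n + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,         # delete a[i-1]
                          d[i][j - 1] + 1,         # insert b[j-1]
                          d[i - 1][j - 1] + cost)  # substitute (or match)
    return d[m][n]

def weight_sequence(trace: List[int], w_threshold: int) -> List[int]:
    """S41: keep only the node weights greater than the threshold W, in path order."""
    return [w for w in trace if w > w_threshold]

def similarity(a: List[int], b: List[int]) -> float:
    """Similarity in [0, 1] derived from the edit distance (assumption: the patent
    fixes no normalisation; here 1 - distance / length of the longer sequence)."""
    longest = max(len(a), len(b))
    return 1.0 if longest == 0 else 1.0 - edit_distance(a, b) / longest

def eliminate_similar(traces: List[List[int]], w_threshold: int,
                      s_threshold: float) -> List[List[int]]:
    """S42: add counterexamples one at a time; a new one whose weight sequence is
    more similar than S to an already kept one is deleted, so each class keeps one."""
    kept: List[List[int]] = []
    for trace in traces:
        seq = weight_sequence(trace, w_threshold)
        if any(similarity(seq, weight_sequence(k, w_threshold)) > s_threshold for k in kept):
            continue
        kept.append(trace)
    return kept

# Constructed .trail weight traces; the second differs from the first only in a low-weight node.
SAMPLE_TRACES = [
    [1, 5, 2, 7, 3, 9],
    [1, 5, 2, 7, 9],
    [4, 8, 1, 6, 2, 8],
    [9, 2, 5, 7, 6, 1],
]

if __name__ == "__main__":
    print(eliminate_similar(SAMPLE_TRACES, w_threshold=3, s_threshold=0.8))
```

With W = 3 and S = 0.8 the second trace collapses onto the first, while the other two survive because their high-weight nodes differ.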
[0059] S5. Use statistical methods to process the set of counterexamples remaining after step S4: count how many times each source statement appears in the counterexamples and generate a suspicious-statement ranking table by frequency of appearance; analyse the statements from the head of the table: first find the benchmark counterexample for the statement and its nearest successful execution path; find the difference between the two by comparison, and if the differing statement is the one that causes the vulnerability, modify the protocol; delete the statement from the head of the table; repeat until the suspicion ranking table is empty.
[0060] After the processing of S4, the number of counterexamples to be processed in step S5 is greatly reduced. The tarantula statistical method is used to process each counterexample, compute the frequency of each statement across the many counterexamples, generate a suspicion table from the frequencies, analyse the statements from the head of the table, and finally locate the vulnerability and propose amendments. In the tarantula method the suspicion of a statement is defined as follows:
[0061]
[0062] suspicious(p) is the suspicion value of statement p; failed(p) and passed(p) are the number of occurrences of statement p in counterexamples and in successful execution paths respectively; total_p and total_f are the number of successful execution paths and of counterexamples respectively; the suspicion value lies in the interval [0,1], where 1 is maximum suspicion and 0 minimum suspicion;
[0063] S5 specifically includes the following sub-steps:
[0064] S51. Select a counterexample from the counterexample set and execute it, counting with the tarantula method the statements that appear during execution; each time a statement appears, its count in the statistics table is increased by one; repeat until all counterexamples have been processed;
[0065] S52. Sort the statements in the statistics table by frequency of occurrence, most frequent first, to generate the suspicion ranking table;
[0066] S53. Select the first element of the table and use the distance measurement method to find the successful execution path nearest to the benchmark counterexample of that statement;
[0067] S54. Find the difference ΔS between the counterexample and its nearest successful execution path, analyse the statement located by ΔS that causes the vulnerability, modify the protocol, and repair the vulnerability;
[0068] S55. Delete the statement from the head of the ranking table and return to step S42 until the suspicion table is empty.
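The suspicion ranking of S51/S52 and the ΔS comparison of S53 as an added example (not the patent's own code). It uses the standard Tarantula formula, since the formula itself is not legible on this page; the statement labels, the two counterexample paths, the two successful paths and the set-difference distance used to pick the nearest successful path are all constructed assumptions.

```python
# Added example (not the patent's own code): the Tarantula-style suspicion
# ranking of step S5 and the delta-S comparison, run over constructed statement
# paths. Statement labels and both sample path sets are invented for illustration.
from collections import Counter
from typing import Dict, List, Tuple

Path = List[str]

def count_occurrences(paths: List[Path]) -> Counter:
    """S51: number of paths in which each statement appears (counted once per path)."""
    c: Counter = Counter()
    for path in paths:
        c.update(set(path))
    return c

def tarantula(failed_paths: List[Path], passed_paths: List[Path]) -> Dict[str, float]:
    """Standard Tarantula score (assumption: the page's own formula was not recoverable):
    susp(p) = (failed(p)/total_f) / (passed(p)/total_p + failed(p)/total_f), in [0, 1]."""
    failed, passed = count_occurrences(failed_paths), count_occurrences(passed_paths)
    total_f, total_p = len(failed_paths), len(passed_paths)
    scores: Dict[str, float] = {}
    for stmt in set(failed) | set(passed):
        f = failed[stmt] / total_f if total_f else 0.0
        p = passed[stmt] / total_p if total_p else 0.0
        scores[stmt] = f / (f + p) if f + p > 0 else 0.0
    return scores

def ranking(failed_paths: List[Path], passed_paths: List[Path]) -> List[str]:
    """S52: suspicion table, most suspicious first (ties: more counterexample hits, then name)."""
    scores, failed = tarantula(failed_paths, passed_paths), count_occurrences(failed_paths)
    return sorted(scores, key=lambda s: (-scores[s], -failed[s], s))

def delta_s(counterexample: Path, passed_paths: List[Path]) -> Tuple[Path, List[str]]:
    """S53: nearest successful path (assumption: distance = size of the symmetric
    difference of statement sets) and the statements only the counterexample executes."""
    nearest = min(passed_paths, key=lambda p: len(set(counterexample) ^ set(p)))
    return nearest, sorted(set(counterexample) - set(nearest))

# Constructed traces in the style of the nspk model: two counterexamples in which the
# intruder I intercepts A's first message and replays it, and two successful runs.
FAILED = [
    ["A_send1", "I_intercept", "I_forward_B", "B_send2", "A_send3", "I_replay"],
    ["A_send1", "I_intercept", "I_forward_B", "B_send2", "A_send3", "I_replay", "B_accept"],
]
PASSED = [
    ["A_send1", "B_recv1", "B_send2", "A_send3", "B_accept"],
    ["A_send1", "B_recv1", "B_send2", "A_send3"],
]

if __name__ == "__main__":
    table = ranking(FAILED, PASSED)
    bench = next(c for c in FAILED if table[0] in c)  # benchmark counterexample for the head statement
    print(table, delta_s(bench, PASSED))
```

Statements executed only by the intruder score 1.0 and head the table; those shared with successful runs score 0.5, and B_recv1, which never appears in a counterexample, scores 0.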
[0069] Those of ordinary skill in the art will realize that the embodiments described herein are to help readers understand the principles of the present invention, and it should be understood that the protection scope of the present invention is not limited to such special statements and embodiments. Those of ordinary skill in the art can make various other specific modifications and combinations that do not depart from the essence of the present invention based on the technical enlightenment disclosed in the present invention, and these modifications and combinations still fall within the protection scope of the present invention.