University of Limerick Institutional Repository

A novel security protocol attack detection logic with unique fault discovery capability for freshness attacks and interleaving session attacks

DSpace Repository

Show simple item record Jurcut, Anca Coffey, Tom Dojen, Reiner 2019-02-04T09:45:10Z 2019-02-04T09:45:10Z 2017
dc.description peer-reviewed en_US
dc.description.abstract This paper introduces a new logic-based technique for detecting security protocol weaknesses that are exploitable by freshness and interleaving session attacks. This technique is realised as a special purpose logic to be used throughout the protocol design stage, where a draft of the protocol is subjected to formal analysis prior to its publication or deployment. For any detected failures the analysis also reveals their cause, facilitating design corrections. The proposed Attack Detection Logic is introduced and its details, including the language, predicates, axioms, rules, semantics as well as soundness and completeness are presented. The effectiveness of the logic is evaluated in a case study, where it is demonstrated how to use the Attack Detection Logic as part of the design process of security protocols. Further, the logic is applied to a range of security protocols, including protocols with known weaknesses and protocols that are known to be secure. The logic’s ability to detect various attacks is established by demonstrating that for protocols with known weaknesses, at least one detection rule is activated and no detection rule is activated for protocols without weaknesses. This case study confirms the logic’s ability to detect design weaknesses exploitable by freshness and interleaving session attacks. en_US
dc.language.iso eng en_US
dc.publisher IEEE Computer Society en_US
dc.relation 11RFP.1CMS 3340 en_US
dc.relation.ispartofseries IEEE Transactions on Dependable and Secure Computing;
dc.rights © 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. en_US
dc.subject C.2.2 network protocols en_US
dc.subject C.2.2.c protocol verification en_US
dc.subject C.2.8.a algorithm/protocol design and analysis D.4.6 security and privacy protection en_US
dc.subject D.4.6.b authentication en_US
dc.subject D.4.6.gverification en_US
dc.title A novel security protocol attack detection logic with unique fault discovery capability for freshness attacks and interleaving session attacks en_US
dc.type info:eu-repo/semantics/article en_US
dc.type.supercollection all_ul_research en_US
dc.type.supercollection ul_published_reviewed en_US
dc.identifier.doi 10.1109/TDSC.2017.2725831
dc.contributor.sponsor SFI en_US
dc.relation.projectid 11/RFP.1/CMS 3340 en_US
dc.rights.accessrights info:eu-repo/semantics/openAccess en_US

Files in this item

This item appears in the following Collection(s)

Show simple item record

Search ULIR


My Account