some improvements to the cost-based framework for analyzing denial of service attacks
文献类型:会议论文
| 作者 | Yue Qinggang ; Liu Feng ; Xue Rui |
| 出版日期 | 2012 |
| 会议名称 | Trusted Systems Third International Conference, INTRUST 2011 |
| 会议日期 | 2011 |
| 会议地点 | Beijing China |
| 关键词 | Denial of Service – Formal modeling – Cost based framework – JFKi protocol |
| 页码 | 84-101 |
| 中文摘要 | Recently, people are paying more attention to formalizing and analyzing Denial of Service (DoS) attacks, but the known analysis models are either not precise enough or not readily used in an automatic way. In this paper, we make some improvements to the cost-based framework proposed by Meadows that aims to formalize DoS attacks. After improvement, the framework models intruders and protocols faithfully in CoreASM, and in a more accurate way in specification. Besides, the analysis can be performed automatically. In the improvements, a more flexible tolerance relation is defined so that the analysis result is in a broad form rather than merely binary as in previous works. Also, concrete values are used for representing the operational costs so as to make cost functions more precise and flexible in analysis. In this paper, the JFKi protocol is automatically analyzed as an indication of the advantages of the improvements. It explores the vulnerability that was previously found manually. The discussion on the JFKi protocol shows some difficulties in designing and analyzing DoS-resistent protocols. |
| 英文摘要 | Recently, people are paying more attention to formalizing and analyzing Denial of Service (DoS) attacks, but the known analysis models are either not precise enough or not readily used in an automatic way. In this paper, we make some improvements to the cost-based framework proposed by Meadows that aims to formalize DoS attacks. After improvement, the framework models intruders and protocols faithfully in CoreASM, and in a more accurate way in specification. Besides, the analysis can be performed automatically. In the improvements, a more flexible tolerance relation is defined so that the analysis result is in a broad form rather than merely binary as in previous works. Also, concrete values are used for representing the operational costs so as to make cost functions more precise and flexible in analysis. In this paper, the JFKi protocol is automatically analyzed as an indication of the advantages of the improvements. It explores the vulnerability that was previously found manually. The discussion on the JFKi protocol shows some difficulties in designing and analyzing DoS-resistent protocols. |
| 收录类别 | SPRINGER ; EI |
| 会议主办者 | Beijing Institute of Technology; ONETS Wireless and Internet Security Company; Singapore Management University; Administrative Committee of Zhongguangcun Haidian Science Park |
| 会议录 | Trusted Systems
 |
| 语种 | 英语 |
| ISSN号 | 0302-9743 |
| ISBN号 | 978-3-642-32297-6 |
| 源URL | [http://ir.iscas.ac.cn/handle/311060/15738]  |
| 专题 | 软件研究所_软件所图书馆_会议论文 |
| 推荐引用方式 GB/T 7714 | Yue Qinggang,Liu Feng,Xue Rui. some improvements to the cost-based framework for analyzing denial of service attacks[C]. 见:Trusted Systems Third International Conference, INTRUST 2011. Beijing China. 2011. |
入库方式: OAI收割
来源:软件研究所
浏览0
下载0
收藏0
其他版本
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。