Detecting Collusion Attacks in Security Protocols
Security protocols have been widely used to safeguard secure electronic transactions. We usually assume that principals are credible and shall not maliciously disclose their individual secrets to someone else. Nevertheless, it is impractical to completely ignore the possibility that some principals may collude in private to achieve a fraudulent or illegal purpose. Therefore, it is critical to address the possibility of collusion attacks in order to correctly analyse security protocols. This paper proposes a framework by which to detect collusion attacks in security protocols. The possibility of security threats from insiders is especially taken into account. The case study demonstrates that our methods are useful and promising in discovering and preventing collusion attacks.
KeywordsInference Rule Frequent Itemsets Security Protocol Certificate Authority Transaction Database
Unable to display preview. Download preview PDF.
- 2.Zhang, C., Zhang, S.: Association Rule Mining: Models and Algorithms. In: Zhang, C., Zhang, S. (eds.) Association Rule Mining. LNCS (LNAI), vol. 2307. Springer, Heidelberg (2002)Google Scholar
- 5.Heintze, N., Tygar, J., Wing, J., Wong, H.: Model Checking Electronic Commerce Protocols. In: Proceedings of the 2nd USENIX Workshop on Electronic Commerce, Oakland, California, pp. 147–164 (November 1996)Google Scholar
- 7.Celik, M.U., Sharma, G., Tekalp, A.M.: Collusion-resilient fingerprinting using random pre-warping. In: Proceeding of IEEE International Conference of Image Processing, pp. 509–512 (2003)Google Scholar
- 8.Bratko, I.: Prolog Programming for Artificial Intelligence. Addison-Wesley, Reading (1990)Google Scholar
- 9.SET Secure Electronic Transaction Specification, Book 1: Business Description, Version 1.0, May 31 (1997)Google Scholar