Customizing Protocol Specifications for Detecting Resource Exhaustion and Guessing Attacks
Model checkers for security protocols often focus on basic properties, such as confidentiality or authentication, using a standard model of the Dolev-Yao intruder. In this paper, we explore how to model other attacks, notably guessing of secrets and denial of service by resource exhaustion, using the AVANTSSAR platform with its modelling language ASLan. We do this by adding custom intruder deduction rules and augmenting protocol transitions with constructs that keep track of these attacks. We compare several modelling variants and find that writing deductions in ASLan as Horn clauses rather than transitions using rewriting rules is crucial for verification performance. Providing automated tool support for these attacks is important since they are often neglected by protocol designers and open up other attack possibilities.
KeywordsModel Checker Transition Rule Security Protocol Horn Clause Decryption Oracle
Unable to display preview. Download preview PDF.
- 3.AVANTSSAR: Deliverable 2.3 (update): ASLan++ specification and tutorial (2011), http://www.avantssar.eu
- 5.Blanchet, B.: An efficient cryptographic protocol verifier based on Prolog rules. In: Proc. 14th IEEE Computer Security Foundations Workshop, pp. 82–96 (2001)Google Scholar
- 6.Corin, R., Doumen, J.M., Etalle, S.: Analysing password protocol security against off-line dictionary attacks. In: Proc. 2nd Int’l. Workshop on Security Issues with Petri Nets and other Computational Models (WISP), pp. 47–63 (2004)Google Scholar
- 7.Corin, R., Malladi, S., Alves-Foss, J., Etalle, S.: Guess what? Here is a new tool that finds some new guessing attacks. In: Proc. Workshop on Issues in the Theory of Security, pp. 62–71 (2003)Google Scholar
- 11.Groza, B., Minea, M.: Formal modelling and automatic detection of resource exhaustion attacks. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS (2011)Google Scholar
- 13.Lowe, G.: Some new attacks upon security protocols. In: Proc. of the 9th IEEE Computer Security Foundations Workshop, pp. 162–169 (1996)Google Scholar
- 15.Matsuura, K., Imai, H.: Modification of internet key exchange resistant against denial-of-service. In: Pre-Proceedings of Internet Workshop, pp. 167–174 (2000)Google Scholar
- 17.Ramachandran, V.: Analyzing DoS-resistance of protocols using a cost-based framework. Tech. Rep. DCS/TR-1239, Yale University (2002)Google Scholar
- 18.Smith, J., González Nieto, J.M., Boyd, C.: Modelling denial of service attacks on JFK with Meadows’s cost-based framework. In: Proc. of the 4th Australasian Information Security Workshop, pp. 125–134 (2006)Google Scholar
- 20.Zorn, G.: Microsoft PPP CHAP extensions, version 2 (2000)Google Scholar