Detecting and Preventing Type flaws: a Control Flow Analysis with Tags
نویسندگان
چکیده
A type flaw attack on a security protocol is an attack where an honest principal is cheated on interpreting a field in a message as the one with a type other than the intended one. In this paper, we shall present an extension of theLySa calculus with tags attached to each field, indicating the intended types. We developed a control flow analysis for analysing the extended LySa, which over-approximates all the possible behaviour of a protocol and hence is able to capture any type confusion that may happen during the protocol execution. The control flow analysis has been applied to a number of security protocols, either subject to type flaw attacks or not. The results show that it is able to capture type flaw attacks on those security protocols.
منابع مشابه
A Formal Analysis of Complex Type Flaw Attacks on Security Protocols
A simple type confusion attack occurs in a security protocol, when a principal interprets data of one type as data of another. These attacks can be successfully prevented by \tagging" types of each eld of a message. Complex type confusions occur instead when tags can be confused with data and when elds or sub-segments of elds may be confused with concatenations of elds of other types. Capturing...
متن کاملDeveloping a Testing Framework for Security
Despite increasing efforts in detecting and managing software security flaws, the number of security attacks is still rising every year [5, 21]. As software becomes more complex, security flaws are more easily introduced into a system and more difficult to eliminate. Meanwhile, attackers take advantage of software tools for developing, testing and debugging exploits, which make the construction...
متن کاملOn the Evolution of Quality Flaws and the Effectiveness of Cleanup Tags in the English Wikipedia
The improvement of information quality is a major task for the free online encyclopedia Wikipedia. Recent studies targeted the analysis and detection of specific quality flaws in Wikipedia articles. To date, quality flaws have been exclusively investigated in current Wikipedia articles, based on a snapshot representing the state of Wikipedia at a certain time. This paper goes further, and provi...
متن کاملP-215: Discovery of A Novel APA Variant of A Human Potential Gene Based on Expressed Sequenced Tags Analysis
Background: Expressed sequence tags (ESTs) are sequences of cDNA fragments prepared from different tissue sources. There are over one million of these sequences in the publicly available database, and these sequences are believed to represent more than half of all human genes. The ESTs belong to different cDNA libraries, was prepared from one particular cell type, organ, or tumor. Therefore, th...
متن کاملبررسی میکروسکوپ الکترونی اثر پرایمر بر نفوذ سیلنت در مینای آلوده به بزاق
Background and Aims: Moisture contamination of etched enamel during application of sealant is the most frequently cited reason for sealant failure. In previous studies, some hydrophilic bonding agents have been shown to bond to etched enamel after salivary contamination. The purpose of this study was to evaluate the enamelsealant interface following the use of primer on the saliva contaminated ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Electr. Notes Theor. Comput. Sci.
دوره 194 شماره
صفحات -
تاریخ انتشار 2007