A Formal Approach to Identifying Security Vulnerabilities in Telecommunication Networks
نویسندگان
چکیده
The number of security attacks on the telecommunication networks is constantly increasing. To prevent them, the telecom sector is looking for new automated techniques facilitating a discovery of potential network vulnerabilities and rectification of them. In this paper, we propose an approach for identifying potential attack scenarios and defining recommendations for preventing them. The approach is formalised in the Event-B framework. It allows us to not only formalise the analysed part of the network architecture and verify consistency of the control and data flow of the associated services but also employ model checking to generate and analyse attack scenarios. By applying the proposed approach, the designers can systematically explore network vulnerabilities and propose recommendations for attack prevention.
منابع مشابه
ملزومات امنیتی پیادهسازی IMS SIP سرور امن
IMS (IP Multimedia Subsystem) network is considered as an NGN (Next Generation Network) core networks by ETSI. Decomposition of IMS core network has resulted in a rapid increase of control and signaling message that makes security a required capability for IMS commercialization. The control messages are transmitted using SIP (Session Initiation Protocol) which is an application layer protocol. ...
متن کاملModel-Based Analysis of Configuration Vulnerabilities
Vulnerability analysis is concerned with the problem of identifying weaknesses in computer systems that can be exploited to compromise their security. In this paper we describe a new approach to vulnerability analysis based on model checking. Our approach involves: • Formal specification of desired security properties. An example of such a property is “no ordinary user can overwrite system log ...
متن کاملA scalable and robust hierarchical key establishment for mission-critical applications over sensor networks
The previous schemes of key establishment in the wireless sensor networks may not be employed for the mission-critical application due to several limitations: lightweightness and scalability from the point of performance, vulnerabilities against node compromise and various existing attacks from the point of security. In this paper, after identifying security requirements of mission-critical app...
متن کاملFormal approach on modeling and predicting of software system security: Stochastic petri net
To evaluate and predict component-based software security, a two-dimensional model of software security is proposed by Stochastic Petri Net in this paper. In this approach, the software security is modeled by graphical presentation ability of Petri nets, and the quantitative prediction is provided by the evaluation capability of Stochastic Petri Net and the computing power of Markov chain. Each...
متن کاملAn ontology-based policy for deploying secure SIP-based VoIP services
— Voice services over Internet Protocol (VoIP) are nowadays much promoted by telecommunication and Internet service providers. However, the utilization of open networks, like the Internet, raises several security issues that must be accounted for. On top of that, there are new sophisticated attacks against VoIP infrastructures that capitalize on vulnerabilities of the protocols employed for the...
متن کامل