共查询到20条相似文献,搜索用时 46 毫秒
1.
针对形式化方法对安全协议DoS攻击分析的不足之处,提出了一种基于串空间模型的扩展形式化方法。利用扩展后的形式化方法,对IEEE802.11i四步握手协议进行了DoS攻击分析,发现其的确存在DoS攻击漏洞。通过分析,提出一种可以改善DoS攻击的方法,并通过了扩展形式化方法对于判断安全协议DoS攻击分析的测试规则。最后,根据扩展形式化方法对改进后的四步握手协议进行证明,得出改进后协议可以通过两类DoS测试规则运行至结束。 相似文献
2.
3.
4.
安全协议形式化分析的研究和实现 总被引:2,自引:2,他引:0
安全协议是指使用密码技术或提供安全服务的协议,可以实现认证和密钥交换等安全目的.安全协议分析工具是指一套建立和分析安全协议模型的工具,它采用形式化的分析方法对安全协议进行分析并得出结论.文章以EKE协议为例,采用AVISPA分析工具对其安全性进行分析,给出了安全性与攻击轨迹的关系. 相似文献
5.
安全协议形式化验证方法综述 总被引:1,自引:0,他引:1
安全协议作为确保网络安全的关键技术,其安全性直接决定了网络的安全性能。然而安全协议设计与分析存在着诸多困难,目前采用的主要方法是形式化方法,主要分为模态逻辑的方法、模型检测的方法、定理证明方法3种。这3种方法特性各不相同,试用范围也有所区别,而且这些方法或多或少都存在着一定的缺陷。Applied pi演算是一种专门针对安全协议设计的理论成熟的形式化方法,它的出现为安全协议的分析带来了全新的思路。 相似文献
6.
一种改进的基于SAT的多错误诊断算法 总被引:1,自引:0,他引:1
改进了二种组合电路设计错误诊断DED(Design Error Diagnosis)算法。它使用多可满足性问题(SAT)求解技术,通过对布尔可满足解计数来实现对多个逻辑错误的诊断定位。改进了电路诊断架构,新架构的合取范武表述所使用的变量和子句数目大为减少;通过多种启发武方法,避免了不必要的操作,使算法在时间和内存上保持有效性。 相似文献
7.
8.
网络支付协议的形式化安全需求及验证逻辑 总被引:2,自引:0,他引:2
从整个网络支付协议的安全角度出发,提出网络支付协议的多层安全需求模型,包括以认证和密钥分配为基础的基层需求、网络支付协议固有的中层需求(包括保密性、原子性、公平性、完整性、匿名性、不可否认性、可追究性等)、以及面向具体应用的高层需求。基于一阶逻辑和时序逻辑,提出一种适合描述网络支付协议的形式化安全需求的逻辑,描述了该逻辑的语法结构和推理规则,并用该安全需求逻辑对网络支付协议的多层安全需求进行了形式化描述。最后,以SET协议为例进行需求验证。 相似文献
9.
本文先从软件理论的角度对安全协议分析语言CPAL的语法和语义进行分析,指出这种语言控制流的缺陷,在语法和语义方面给出CPAL语言的完善方案,并从信息安全中的协议的广泛性方面说明其必要性。 相似文献
10.
11.
12.
13.
Aiming at analyzing the influence of multi-step attack,as well as reflecting the system’s security situation accurately and comprehensively,a network security situation evaluation method for multi-step attack was proposed.This method firstly clustered security events into several attack scenes,which was used to identify the attacker.Then the attack path and the attack phase were identified by causal correlation of every scene.Finally,combined with the attack phase as well as the threat index,the quantitative standard was established to evaluate the network security situation.The proposed method is assessed by two network attack-defense experiments,and the results illustrate accuracy and effectiveness of the method. 相似文献
14.
15.
软件的安全性不但体现在软件自身编程和运行漏洞,同时也体现在软件对人们财产、个人信息以及生命安全的破坏。因而,在极力发展嵌入式软件的同时,不但要注重软件的体验和实用性,更要注重软件的安全性。做好嵌入式软件的安全性能测试,是确保计算机技术安全、稳定运行的唯一标准。 相似文献
16.
To predict the attack behaviors accurately and comprehensively as well as to quantify the threat of attack,a quantitative method for network security situation based on attack prediction was proposed.By fusing the situation factors of attacker,defender and network environment,the capability of attacker and the exploitability rate of vulnerability were evaluated utilizing the real-time detected attack events,and the expected time-cost for attack-defense were further calculated.Then an attack prediction algorithm based on the dynamic Bayesian attack graph was designed to infer the follow-up attack actions.At last,the attack threat was quantified as the security risk situation from two levels of the hosts and the overall network.Experimental analysis indicates that the proposed method is suitable for the real adversarial network environment,and is able to predict the occurrence time of attack accurately and quantify the attack threat reasonably. 相似文献
17.
针对移动自组织网络认证协议应对安全威胁、满足安全目标的有效性问题,提出了采用基于通信顺序进程(CSP, communicating sequential process)和模型检测的协议分析方法,对移动自组织网络的代表性认证协议TAM进行分析、建模、检验并改进。首先采用CSP方法对TAM中参与者的通信行为建立模型、给出了安全目标的安全规范;然后利用模型检测工具FDR验证了TAM的CSP进程,结果表明TAM不满足认证性和机密性安全规范;最后对TAM进行了改进并检验,结果表明改进后的TAM满足安全目标,实验表明与TAM相比,改进的TAM在合理的簇规模情况下增加可接受的额外开销。 相似文献
18.
19.
A security capacity assessment method based on security behavior ontology,was proposed to collect users' be-havior data from their smartphones under unconscious condition to solve the problem of detecting mobile phone users' real existing insecure behaviors.A security behavior ontology was set up for formalizing the phone,message,network and App behavior data of mobile phone users and relevant rules were also set down for determining and associating inse-cure actions.Referring to the notion of attack graph,an insecure behavior detection algorithm was proposed based on behavior association graph for analyzing the paths of insecure behaviors dynamically.Furthermore,a competency model of information security capability assessment was presented for realizing the quantitative evaluation of information secu-rity capability of users.The experiment results prove the effectiveness of present competency model for insecure behavior path detection and security ability assessment. 相似文献