Similar literature
 Found 19 similar documents; search took 203 ms
1.
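Security Protocol Analysis Based on a Colored Petri Net Simulation Model   Total citations: 1, self-citations: 0, citations by others: 1
Formal methods are used to verify the security of protocols, and Petri nets are one of the effective methods, but traditional Petri net analysis often runs into the state-space explosion problem. This paper builds simulation models of the security protocol and of intruder attacks based on colored Petri nets, and thereby obtains simulation data. The method uses backward state analysis and Petri net reachability analysis and can effectively find security flaws in protocols. Moreover, if the state space is properly controlled, the state-space explosion problem in Petri net analysis can be effectively overcome. The paper gives a general method for analyzing security protocols by building a colored Petri net simulation model; examples show that the method is generally applicable and lends itself to automated analysis with automated Petri net analysis tools.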

2.
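Petri Net Modeling and Analysis of Non-repudiation Protocols   Total citations: 6, self-citations: 0, citations by others: 6
Petri nets are a tool for describing and analyzing concurrent behavior and have been widely used in the formal analysis of security protocols. As a special kind of security protocol, non-repudiation protocols have been analyzed with a variety of formal methods, but no one has yet used Petri nets to analyze them. Building on the Petri net analysis method for general security protocols, this paper proposes a modeling and analysis method for non-repudiation protocols using Petri nets; the method can describe and analyze some protocol properties that other formal methods cannot describe. Applying the method to a fair non-repudiation protocol proposed by Zhou and Gollmann in 1996 reveals a known flaw in that protocol that many other formal methods fail to find.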

3.
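Analyzing security protocols with colored Petri nets suffers from the state-space explosion problem. To address this, an improved colored Petri net is proposed that constructs the knowledge set RI the intruder needs to successfully attack the security protocol and the knowledge set KI the intruder can obtain, and defines an intrusion-success function. The improved colored Petri net is used to analyze the concrete Helsinki and TMN protocols. Experiments show that the method greatly simplifies the construction of Petri net models that include an intruder and effectively alleviates the state-space explosion problem when Petri nets are used to analyze security protocols.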

4.
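Security protocols are the key to achieving network security, and verifying their security is very important work. This paper proposes a method for the formal description and security verification of security protocols based on colored Petri nets; the method builds on backward state analysis and the reachability matrix of colored Petri nets, and a concrete protocol is used to verify its effectiveness.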

5.
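As computer network applications continue to deepen, analyzing and studying the security of network protocols has become a very important research direction in information security. When designing a security protocol, verifying its security is the key step in eliminating the protocol's vulnerabilities and imprecision. There are many models and tools for verifying security protocols; this work mainly applies timed colored Petri nets to analyze the well-known NSSK protocol. Using the transition-oriented modeling method of timed colored Petri nets, the NSSK protocol was successfully modeled and the validity of the protocol's execution was verified. This lays a good foundation for the next step of using colored Petri nets to analyze the security of the NSSK protocol.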

6.
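Cryptographic protocols are the mechanisms and specifications for securely sharing network resources and the cornerstone of a secure network environment; their security is critical to the security of the whole network environment. A new method of analyzing cryptographic protocols with Colored Petri Nets (CPN) is proposed. The new method is used to formally model multiple concurrent sessions of the TMN protocol; the model is divided into functional units according to session configuration and session order, and attack paths are generated on the fly. Using state-space search, insecure states in multiple concurrent sessions of the protocol were found and a new attack pattern was obtained.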

7.
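With the development of industrial Ethernet, the security of clock synchronization protocols, the core technology guaranteeing its real-time behavior, has become critical. To address the security of clock synchronization protocols, a security analysis method based on colored Petri nets is first proposed; then, by building a colored Petri net model of the protocol and using tools such as the state equation to decide the reachability of insecure states, the security analysis of the clock synchronization protocol is carried out; finally, a clock synchronization protocol based on the Precision Time Protocol (PTP) and a master-clock spoofing attack against it are analyzed in detail, verifying the effectiveness of the proposed method.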

8.
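Ren Dayong (任大勇), Computer and Digital Engineering (《计算机与数字工程》), 2013, 41(10): 1622-1624, 1675
Time-delay Petri nets extend ordinary Petri nets by introducing time functions on transitions, giving them strong descriptive and performance-analysis capabilities. In response to the increasingly serious transaction security problems in mobile electronic payment, an analysis of electronic payment systems and the mobile electronic payment process finds that the SET protocol for mobile e-commerce has vulnerabilities; a time-delay Petri net model of the mobile electronic payment protocol is built, providing further security assurance for secure electronic transactions.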

9.
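This paper introduces a method of describing protocols with Petri nets, gives a Petri net specification of the ISO transport layer class 3 protocol, analyzes the given Petri net with analysis tools such as the reachability tree and reachability graph, and then discusses the results. A Petri net describing a protocol can be used not only to verify and specify the protocol but also as a tool for implementing it.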

10.
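As a mathematical tool, Petri nets have been widely used for describing, analyzing and verifying processes. This article uses colored Petri nets to describe and analyze a cryptographic protocol mentioned in reference [1], and finds and verifies a security flaw in that protocol.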

11.
This paper describes a new approach, based on fuzzy-set theory, to dynamic voltage security assessment. The development enables the large-scale nonlinear voltage instability assessment problem to be reduced to a fuzzy severity index, by which the dynamic voltage secure/insecure state is conservatively assessed. Besides providing a mere two-region demarcation, the magnitude of the severity index can generally give a relative severity indication to discriminate between various insecure post-disturbance system states. Preliminary results show that the approach presented here is promising for on-line use because of its relatively light computational burden.

12.
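Verifying security protocols is extremely important for ensuring secure network communication; formal analysis methods make security protocol analysis simple, rigorous and practical, and have become a research hotspot in information security. For the 802.1x/EAP-MD5 authentication protocol, a formal verification method for security protocols based on colored Petri nets (CPN) is proposed, and the concrete formal analysis process is given. A CPN model of the protocol is built, the insecure states that may arise during protocol execution are analyzed, and CPN state reachability is used to decide whether these insecure states are reachable, thereby verifying the protocol's security. For the security flaw of the 802.1x/EAP-MD5 protocol under man-in-the-middle attack, an improved protocol is proposed that uses a pre-shared key mechanism to generate a session key for encrypting the exchanged messages and uses digital certificates to authenticate the server, in order to make man-in-the-middle attacks harder and strengthen the security of the network access authentication protocol.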

13.
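Zhang Lei (张磊), Chen Xingyuan (陈性元), Zhang Bin (张斌), Journal of Computer Applications (《计算机应用》), 2007, 27(7): 1597-1598
In a Privilege Management Infrastructure (PMI) system, the communication between the Attribute Authority (AA) and the Attribute Registration Authority (ARA) has many states that change in complex ways. A communication model for the AA and ARA in PMI is proposed to prevent insecure intermediate states from arising. The characteristics of the model are analyzed, a finite state machine (FSM) is used to describe the model formally, and its security is proved.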

14.
In this paper, we focus on the need for secure and efficient localization for wireless sensor networks in adversarial settings. An attack-resistant and efficient localization scheme is developed, which extends the scheme proposed in [1]. The method offers strong defense against not only distance reduction attacks but also distance enlargement attacks. Furthermore, our method does not employ any device-dependent variables, hence yields more accurate localization. An attack-driven model is also specified using Petri net. It provides a formal method for the verification of our scheme when considering distance enlargement attacks. The state analysis shows that the potential insecure states are unreachable, implying that the model can offer strong defense against these attacks. To the best of our knowledge, it is the first time that the Petri net has been introduced to validate security scheme for wireless sensor networks in the literature.

15.
Model‐checking enables the automated formal verification of software systems through the explicit enumeration of all the reachable states. While this technique has been successfully applied to industrial systems, it suffers from the state‐space explosion problem because of the exponential growth in the number of states with respect to the number of interacting components. In this paper, we present a new reachability analysis algorithm, named Past‐Free[ze], that reduces the state‐space explosion problem by freeing parts of the state‐space from memory. This algorithm relies on the explicit isolation of the acyclic parts of the system before analysis. The parallel composition of these parts drives the reachability analysis, the core of all model‐checkers. During the execution, the past states of the system are freed from memory making room for more future states. To enable counter‐example construction, the past states can be stored on external storage. To show the effectiveness of the approach, the algorithm was implemented in the OBP Observation Engine and was evaluated both on a synthetic benchmark and on realistic case studies from automotive and aerospace domains. The benchmark, composed of 50 test cases, shows that in average, 75% of the state‐space can be dropped from memory thus enabling the exploration of up to 14 times more states than traditional approaches. Moreover, in some cases, the reachability analysis time can be reduced by up to 25%. In realistic settings, the use of Past‐Free[ze] enabled the exploration of a state‐space 4.5 times larger on the automotive case study, where almost 50% of the states are freed from memory. Moreover, this approach offers the possibility of analyzing an arbitrary number of interactions between the environment and the system‐under‐verification; for instance, in the case of the aerospace example, 1000 pilot/system interactions could be analyzed unraveling an 80 GB state‐space using only 10 GB of memory. 
Copyright © 2016 John Wiley & Sons, Ltd.

16.
The present paper describes the implementation of a cellular automata based computational approach in structural analysis and design. This approach assumes that a computational domain can be subdivided into a number of discrete cells, with state variables associated with each cell. Collectively, these cell states define the state of the entire domain, and which may be evolved through application of local rules of interaction that apply to a defined neighborhood around each cell. The computational process is intrinsically parallel in nature, and allows for a natural implementation on parallel computers. The paper describes an overview of this computational model for the analysis of structural systems, and demonstrates how it can be extended for a fine-grained parallel implementation of the genetic algorithm based optimization strategy. The paper also illustrates an extension of the proposed model in solving problems of simultaneous analysis and optimization.

17.
It is shown that an efficient structure analysis of periodically controlled nonlinear systems is possible by use of the computer simulation technique coupled with the stroboscopic approach. The existence and stability of every periodic state can be determined together with the dynamic behavior in the neighborhood of these periodic states. Especially, the proposed technique seems to be the only way for finding out periodic states of the saddle mode.

18.
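To address simulation failures caused by the propagation and spread of indeterminate states during simulation, this paper first describes the causes of indeterminate states, then analyzes how the simulator propagates them, and then proposes methods for eliminating them at the RTL and gate-level stages; finally, drawing on engineering practice, it describes how indeterminate states were eliminated during gate-level simulation using the VCS simulation tool. Practical results show that, applied appropriately, the method ensures that gate-level simulation proceeds smoothly while keeping the circuit working correctly, and it is therefore of significant reference value.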

19.
In the modalization of time-dependent systems it is often useful to use the abstraction of zero-time transitions, i.e., changes of system state that occur in a time that can be neglected with respect to the whole dynamics of system evolution. Such an abstraction, however, sometimes generates critical situations in the formal system analysis. This may lead to limitations or unnatural use of such formal analysis. In this paper we present an approach that keeps the intuitive appeal of the zero-time transition abstraction, yet maintains simplicity and generality in its use. The approach is based on considering zero-time transitions as occurring in an infinitesimal, yet nonnull time. The adopted notation is borrowed from nonstandard analysis. The approach is illustrated through Petri nets as a case of state machines and TRIO as a case of logic-based assertion language, but it can be easily applied to any formal system dealing with states, time, and transitions.
