|
|||||
|
|
| 认证协议漏洞自动检测系统设计与实现 | |
| 引用本文: | 林丽,关德君,徐剑,钟月.认证协议漏洞自动检测系统设计与实现[J].计算机工程,2012,38(9):134-137. |
| 作者姓名: | 林丽 关德君 徐剑 钟月 |
| 作者单位: | 1. 沈阳广播电视大学对外合作学院,沈阳,110003 2. 沈阳广播电视大学信息工程学院,沈阳,110003 3. 东北大学软件学院,沈阳,110819 4. 东北大学中荷生物医学与信息工程学院,沈阳,110819 |
| 基金项目: | 辽宁省自然科学基金资助项目“基于人体健康监测的无线传感网络辐射水平评估与优化”(201102067) |
| 摘 要: | 从攻击者的角度出发,总结系统攻击的2个特性,设计一个协议漏洞自动检测系统。通过目标查找算法、可利用资源查找算法及协议漏洞查找算法,找到多种攻击认证协议的途径,由此发现协议存在的漏洞。对Needham-Schroeder、Neuman-Stubblebine和Otway-Rees协议的测试结果表明,该系统可正确检测协议漏洞,模拟攻击方式。 |
| 关 键 词: | 认证协议 漏洞查找 自动检测 可利用资源查找 目标查找 |
| 收稿时间: | 2012-01-12 |
Design and Implementation of Automatic Detection System for Authentication Protocol Loophole |
|
| LIN Li , GUAN De-jun , XU Jian , ZHONG Yue.Design and Implementation of Automatic Detection System for Authentication Protocol Loophole[J].Computer Engineering,2012,38(9):134-137. | |
| Authors: | LIN Li GUAN De-jun XU Jian ZHONG Yue |
| Affiliation: | 1a.External Cooperative College;1b.College of Information Engineering,Shenyang Radio and Television University,Shenyang 110003,China;2a.College of Software;2b.Sino-Dutch Biomedical and Information Engineering School,Northeastern University,Shenyang 110819,China) |
| Abstract: | From the attacker’s point of view,this paper sums up two features of attack on system and designs an automatic detection system for authentication protocol loophole.By target lookup algorithm,available resource lookup algorithm and protocol vulnerabilities searching algorithm,it finds a variety of ways to attack the authentication protocol to discover loopholes in the protocol.Needham-Schroeder,Neuman-Stubblebine and Otway-Rees protocol are used to do tests,whose results show that the system can correctly detect the vulnerability of the protocol,and simulate the attack methods. |
| Keywords: | authentication protocol loophole lookup automatic detection available resource lookup object lookup |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! | |
| 点击此处可从《计算机工程》浏览原始摘要信息 | |
| 点击此处可从《计算机工程》下载全文 | |