共查询到19条相似文献,搜索用时 156 毫秒
1.
重放攻击是最基本、最常用、危害性最大的攻击认证协议的形式.从服务器和通信实体的角度对认证协议受重放攻击的根源进行详细的分析,提出了一套抗重放攻击认证协议的设计原则和方法.通过该原则和方法,对Adadi-Needham修改版本的Otway-Rees协议和BAN-Yahalom协议进行了分析和改进.该设计原则和方法对抗重放攻击认证协议的设计和分析是很有效的. 相似文献
2.
3.
4.
5.
优化认证消息流防止中间人攻击 总被引:1,自引:0,他引:1
中间人攻击是对网络协议的攻击,该攻击普遍存在并危害较大,很多安全协议也面临威胁.按照发展层次比较了对一般通信、附加认证和安全协议的通信和受保护认证通信的中间人攻击方式,分析了可以避免该攻击的几种方法.以联锁协议为基础,以受保护的认证协议为例,提出了通过改变认证消息序列避免攻击的安全认证协议构造方法. 相似文献
6.
7.
基于协议分析的网络入侵检测技术 总被引:12,自引:0,他引:12
网络协议分析是网络入侵检测中的一种关键技术,当前主要方法是对网络层和传输层协议进行分析。文章基于状态转换进行协议分析和检测,以充分利用协议的状态信息检测入侵,有效地完成包括应用层协议在内的网络各层协议的分析,更加精确地定位了检测域,提高了检测的全面性、准确性和检测效率;这种方法综合了异常检测和误用检测技术,可以更有效地检测协议执行时的异常和针对协议的攻击,并且可检测变体攻击、拒绝服务攻击等较难检测的攻击。 相似文献
8.
通过对D-Y攻击者模型研究,可知注入攻击是攻击者实现其攻击目标的必要手段。对注入攻击序列的性质进行分析,提出了一种在安全协议会话状态空间中搜索注入攻击序列的算法,基于该算法可实现一种新的安全协议验证方法。利用该方法实现了NS公钥协议的验证。实验表明该方法可以实现对安全协议的自动化验证,降低了验证的复杂度,并能给出安全协议漏洞的具体攻击方法。 相似文献
9.
就安全协议的重放攻击进行了分析,针对重放攻击特点,引入了协议关联的相关理论,揭示了其关联本质,为更好地预防重放攻击提供了新的分析思路和方法. 相似文献
10.
首先对两个基于验证元的三方口令密钥交换协议进行了安全性分析,指出它们都是不安全的。其中,LZC协议不能抵抗服务器泄露攻击、未知密钥共享攻击、内部人攻击和不可发现字典攻击;LWZ协议不能抵抗未知密钥攻击、内部人攻击和重放攻击。对LWZ协议进行了改进,以弥补原LWZ协议的安全漏洞。最后,在DDH假设下,给出了改进协议(NLWZ协议)的安全性证明。与已有协议相比,NLWZ协议降低了计算和通信开销,其潜在的实用性更强。 相似文献
11.
It is very difficult to detect intrusions in wireless sensor networks (WSN), because of its dynamic network topology and diverse routing protocols. Traditional Intrusion Detection Systems (IDS) for WSN only focus attention on some one routing protocol, which lacks universality and flexibility. To solve the problem of multi-protocol intrusion detection, this paper proposes a universal method: MP-MID (Multi-Protocol Oriented Middleware-level Intrusion Detection). Our work can generate all known attack types for any routing protocol of WSN, and furthermore, all of them can be detected with the automatically generated rules. In this work, we formalize the routing protocol with the Process Algebra for Wireless Mesh Networks (AWN) language, and propose the conception of attack points to find out all attack types. Combining attack points with formalized protocol in AWN, we get co-sentences which represent the attack features in the protocol. With program slicing technology, all known attack types can be found out based on co-sentences. According to the characteristic of the key variables of the attack types, MP-MID can generate misused based detection or anomaly based detection. Our case study of ADOV (Ad hoc On-demand Distance Vector) protocol shows that our method generated all types of attacks, which outperforms other work. Experimental results show that our generated detection methods have a relatively high detection accuracy rate as we claimed. Our MP-MID method could be used as a flexible and universal tool to analyze and detect attack types for multi-protocol in WSN effectively. 相似文献
12.
13.
We introduce an extended Key Compromise Impersonation (KCI) attack against two-party key establishment protocols, where an adversary has access to both long-term and ephemeral secrets of a victim. Such an attack poses serious threats to both key authentication and key confirmation properties of a key agreement protocol, and it seems practical because the adversary could obtain the victim?s ephemeral secret in a number of methods; for example, by installing some Trojan horse into the victim?s computer platform or by exploiting the imperfectness of the pseudo-random number generator in the platform. We demonstrate that the 3-pass HMQV protocol, which is secure against the standard KCI attack, is vulnerable to this new attack. Furthermore, we show a countermeasure to prevent such an attack. 相似文献
14.
Recently, Yang et al. (Quantum Inf Process 12(1):109, 2013) proposed an enhanced quantum blind signature based on two-taste vector formalism. The protocol can prevent signatory Bob from deriving Alice’s message with invisible photon eavesdropping attack or fake photon attack. In this paper, we show that the enhanced protocol also has a loophole that Alice can utilize an entanglement swapping attack to obtain Bob’s secret key and forge Bob’s valid signature at will later. Then, we reanalyze two existing protocols and try to find some further methods to fix them. 相似文献
15.
16.
Address-resolution protocol (ARP) is an important protocol of data link layers that aims to obtain the corresponding relationship between Internet Protocol (IP) and Media Access Control (MAC) addresses. Traditional ARPs (address-resolution and neighbor-discovery protocols) do not consider the existence of malicious nodes, which reveals destination addresses in the resolution process. Thus, these traditional protocols allow malicious nodes to easily carry out attacks, such as man-in-the-middle attack and denial-of-service attack. To overcome these weaknesses, we propose an anonymous-address-resolution (AS-AR) protocol. AS-AR does not publicize the destination address in the address-resolution process and hides the IP and MAC addresses of the source node. The malicious node cannot obtain the addresses of the destination and the node which initiates the address resolution; thus, it cannot attack. Analyses and experiments show that AS-AR has a higher security level than existing security methods, such as secure-neighbor discovery. 相似文献
17.
该文首先对ARP协议进行了简单的介绍,然后分析了ARP协议所存在的安全问题及由此产生的两种攻击形式,最后提出了防范ARP攻击的一些具体方法。 相似文献
18.
通过在实验环境下使用Python程序构造RIP攻击报文,将攻击报文发送给目标路由器进行路由欺骗,致使被攻击路由器学习到错误的路由信息,进而导致被攻击路由器无法实现正常的路由转发功能。在此基础上,通过Python编写抓包嗅探程序分析攻击者所发送的攻击报文,研究其攻击手段和方法,进而采取相应的安全防护措施,增强RIP路由协议的安全性。 相似文献
19.
IKE协议是IPSec协议族中的自动密钥交换协议,用于动态地建立安全关联。在IKE协议中采用的D-H交换极易受到中间人攻击的威胁。通过深入研究中间人攻击的实现原理,并结合IKE协议中数字签名认证、公钥加密认证、预共享密钥认证三种认证方式详细论述了在该协议中是如何利用身份认证技术抵抗中间人攻击。 相似文献