Loading...
| Friend's email | |
| Your name | |
| Your email | |
| enter code | |
This page was sent successfuly
Vulnerability analysis of networks to detect multiphase attacks using the actor-based language Rebeca
Shahriari, H. R ; Sharif University of Technology | 2010
805
Viewed
- Type of Document: Article
- DOI: 10.1016/j.compeleceng.2008.04.009
- Publisher: 2010
- Abstract:
- Increasing use of networks and their complexity make the task of security analysis more and more complicated. Accordingly, automatic verification approaches have received more attention recently. In this paper, we investigate applying of an actor-based language based on reactive objects for analyzing a network environment communicating via Transport Protocol Layer (TCP). The formal foundation of the language and available tools for model checking provide us with formal verification support. Having the model of a typical network including client and server, we show how an attacker may combine simple attacks to construct a complex multiphase attack. We use Rebeca language to model the network of hosts and its model checker to find counter-examples as violations of security of the system. Some simple attacks have been modeled in previous works in this area, here we detect these simple attacks in our model and then verify the model to find more complex attacks which may include simpler attacks as their steps. We choose Rebeca because of its powerful yet simple actor-based paradigm in modeling concurrent and distributed systems. As the real network environment is asynchronous and event-based, Rebeca can be utilized to specify and verify the asynchronous systems, including network protocols
- Keywords:
- Actor ; Asynchronous system ; Automatic verification ; Distributed systems ; Event-based ; Formal foundation ; Formal verifications ; Model checker ; Multi-phase attacks ; Network environments ; Real networks ; Rebeca language ; Security analysis ; Transport protocols ; Vulnerability analysis ; Network protocols ; Network security ; Security systems ; Transmission control protocol ; Model checking
- Source: Computers and Electrical Engineering ; Volume 36, Issue 5 , 2010 , Pages 874-885 ; 00457906 (ISSN)
- URL: http://www.sciencedirect.com/science/article/pii/S0045790608000451