Go home now Header Background Image
Search
Submission Procedure
share: |
Special Issues
Submission Procedure
Aims and Scope
Board of Editors
What's New
 
Follow us
 
Articles by Topics
Articles by Author
Geographical Mashup
List of Topics
 
Printed Publications
 
Volume 26 (2020)
Volume 25 (2019)
Volume 24 (2018)
Volume 23 (2017)
Volume 22 (2016)
Volume 21 (2015)
Volume 20 (2014)
Volume 19 (2013)
Volume 18 (2012)
Volume 17 (2011)
Volume 16 (2010)
Volume 15 (2009)
Volume 14 (2008)
Volume 13 (2007)
Volume 12 (2006)
Volume 11 (2005)
Volume 10 (2004)
Volume 9 (2003)
Issue 1
Issue 2
Issue 3
Issue 4
Issue 5
Issue 6
Issue 7
Issue 8
Issue 9
Issue 10
Issue 11
Issue 12
Volume 8 (2002)
Volume 7 (2001)
Volume 6 (2000)
Volume 5 (1999)
Volume 4 (1998)
Volume 3 (1997)
Volume 2 (1996)
Volume 1 (1995)
Volume 0 (1994)
 
Collection of other papers
Volume 9 / Issue 11

available in:   PDF (214 kB) PS (190 kB)
 
get:  
Similar Docs BibTeX   Write a comment
  
get:  
Links into Future

 

An Information Flow Method to Detect Denial of Service Vulnerabilities

Stéphane Lafrance (École Polytechnique de Montréal, Canada)

John Mullins (École Polytechnique de Montréal, Canada)

Abstract: Meadows recently proposed a formal cost-based framework for the analysis of denial of service, showing how to formalize some existing principles used to make cryptographic protocols more resistant to denial of service by comparing the cost to the defender against the cost to the attacker. The firrst contribution of this paper is to introduce a new security property called impassivity designed to capture the abiity of a protocol to achieve these goals in the framework of a generic value-passing process algebra called Security Process Algebra (SPPA) extended with local function calls, cryptographic primitives and special semantic features in order to handle cryptographic protocols. Impassivity is defined as an information flow property founded on bisimulation-based non-deterministic admissible interference. A sound and complete proof method for impassivity is provided. The method extends previous results of the authors on bisimulation-based non-deterministic admissible interference and its application to the analysis of cryptographic protocols. It is illustrated by its application to the TCP/IP protocol. Key Words: Denial of service, Protocols, Ad

Keywords: admissible interference, bisimulation, denial of service, equivalence-checking, protocols

Categories: C.2.2, C.2.4