Abstract. Timed Intruder Models have been proposed for the verification of Cyber-Physical Security Protocols (CPSP), amending the traditional Dolev-Yao intruder to obey the physical restrictions of the environment. Since a Timed Intruder must wait for a message to physically arrive before it can learn it, whether an attack can be mounted may depend on where the Timed Intruders are located. It may well be the case that there is no attack in the presence of a great number of intruders, yet there is an attack in the presence of a small number of well-placed intruders. Therefore, a major challenge for the automated verification of CPSP is to determine how many Timed Intruders to use and where they should be placed. This paper answers this question by showing that it is enough to use the same number of Timed Intruders as the number of participants. We also report on some preliminary experimental results in discovering attacks in CPSP.
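To make the placement argument concrete, the following is an added toy model (constructed for this page; it is not the authors' formalisation or tooling). Participants and intruders are points in the plane, every message is a broadcast that travels at unit speed, and a Timed Intruder learns a message only once it physically reaches the intruder's position; the positions, the unit propagation speed and the target's deadline are assumptions chosen for illustration. The model shows the two facts the abstract states: several badly placed intruders cannot inject a message before the target's deadline while a single intruder next to the sender can, and intruders co-located with the participants deliver at least as early as any other placement, because the triangle inequality bounds the detour through any intruder by the direct distance.

```python
import math

# Toy model of timed intruders, constructed for this example (not the paper's
# formalisation). Participants and intruders are points in the plane, every
# message is a broadcast travelling at unit speed, and a Timed Intruder
# learns a message only when it physically reaches the intruder's location.

def dist(p, q):
    """Euclidean distance, which is also the travel time at unit speed."""
    return math.hypot(p[0] - q[0], p[1] - q[1])

def earliest_injection(sender, sender_time, target, intruders):
    """Earliest time at which some intruder can deliver to `target` a message
    derived from what `sender` broadcast at `sender_time`.

    Each intruder must first wait for the broadcast to arrive (sender -> intruder)
    and only then forward its own message (intruder -> target).
    Returns (time, intruder_position), or (inf, None) if there are no intruders.
    """
    best_time, best_pos = math.inf, None
    for pos in intruders:
        t = sender_time + dist(sender, pos) + dist(pos, target)
        if t < best_time:
            best_time, best_pos = t, pos
    return best_time, best_pos

def attack_possible(sender, sender_time, target, deadline, intruders):
    """True if some intruder can get a forged message to `target` no later than
    `deadline` (for instance the target's timeout for the sender's message)."""
    t, _ = earliest_injection(sender, sender_time, target, intruders)
    return t <= deadline

def colocated_dominates(participants, intruders, eps=1e-9):
    """Check the placement claim on this model: for every ordered pair of
    participants, intruders co-located with the participants deliver at least
    as early as the given intruder set.  This is the triangle inequality:
    d(S, I) + d(I, T) >= d(S, T) = d(S, S) + d(S, T) for any intruder I."""
    for s in participants:
        for t in participants:
            if s == t:
                continue
            via_colocated, _ = earliest_injection(s, 0.0, t, participants)
            via_given, _ = earliest_injection(s, 0.0, t, intruders)
            if via_colocated > via_given + eps:
                return False
    return True

if __name__ == "__main__":
    A, B = (0.0, 0.0), (10.0, 0.0)      # constructed participant positions
    deadline = dist(A, B) + 1.0         # B stops listening 1 unit after A's message lands
    far_away = [(5.0, 8.0), (30.0, 0.0), (0.0, 30.0), (-20.0, 0.0)]
    print("four far-away intruders:", attack_possible(A, 0.0, B, deadline, far_away))
    print("one intruder next to A:", attack_possible(A, 0.0, B, deadline, [A]))
    print("co-located placement dominates:", colocated_dominates([A, B, (3.0, 7.0)], far_away))
```

Run as a script, the four distant intruders cannot beat the deadline (their best detour through (5, 8) takes about 18.9 time units against a deadline of 11), whereas the single intruder at A's position reaches B in exactly 10 units; `colocated_dominates` confirms that placing one intruder at each participant is never worse than the distant placement.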
Protocol security verification is one of the best success stories of formal methods. However, some aspects important to protocol security, such as time and resources, are not covered by many formal models. While timing issues involve, e.g., network delays and timeouts, resources such as memory, processing power, or network bandwidth are at the root of Denial of Service (DoS) attacks, which have been a serious security concern. It is useful in practice, and more challenging for formal protocol verification, to determine whether a service is vulnerable not only to powerful intruders but also to resource-bounded intruders that cannot generate or intercept arbitrarily large volumes of traffic. A refined Dolev–Yao intruder model is proposed that can consume at most a specified amount of resources in any given time window. Timed protocol theories that specify service resource usage during protocol execution are also proposed. It is shown that the proposed DoS problem is undecidable in general and PSPACE-complete for the class of resource-bounded, balanced systems. Additionally, we describe a decidable fragment of the leakage verification problem for resource-sensitive timed protocol theories.
Intruders can infer properties of a system by measuring the time it takes for the system to respond to some request of a given protocol, that is, by exploiting time side channels. These properties may help intruders distinguish whether a system is a honeypot or a real system, helping them evade defense mechanisms, or track a user among others, violating that user's privacy. Observational equivalence is the technical machinery used for verifying whether two systems are distinguishable. Automating the check for observational equivalence suffers from the state-space explosion problem. Symbolic verification is used to mitigate this problem, allowing for the verification of relatively large systems. This paper introduces a novel definition of timed observational equivalence based on symbolic time constraints. Protocol verification problems can then be reduced to problems solvable by off-the-shelf SMT solvers. We implemented this machinery in Maude and carried out a number of preliminary experiments demonstrating the feasibility of our approach.