A Security Analysis Method for Security Protocol Implementations Based on Message Construction

Lu, Jintian; Yao, Lili; He, Xudong; Huang, Chin‐Tser; Wang, Dejun; Meng, Bo

doi:10.3390/app8122543

Cited by 3 publications

(2 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Program verification methods and model extraction methods depend on obtaining and understanding SPI. Currently, obtaining the SPI [5] is impractical because, with the strengthening of intellectual property protection, it is difficult to obtain SPI. In addition, owing to the widespread application of code obfuscation technology, understanding and analyzing obfuscated codes is becoming a challenge for researchers and experts in academic and industrial worlds.…”

Section: Listsmentioning

confidence: 99%

A Security Analysis Method of Security Protocol Implementation Based on Unpurified Security Protocol Trace and Security Protocol Implementation Ontology

Liu

Huang

et al. 2019

IEEE Access

Self Cite

View full text Add to dashboard Cite

The security analysis of Security Protocol Implementations(SPI) is an important part of cybersecurity. However, with the strength of property protection and the widely used applications of code obfuscation technology, the previous security analysis method based on SPI is hard to carry out. Therefore, under the condition that SPI is not available, this paper analyzes the security of the SPI using the unpurified security protocol traces and security protocol implementation ontology. First, we construct the implementation ontology to describes the attributes of the ontology terms. Second, the format analysis method is presented based on unpurified flow. Third, the mapping method is proposed to build the mapping between the security protocol trace and the implementation ontology. Fourth, a is presented to analyze the security of SPI. Finally, FSIA software is designed and implemented according to the method we proposed to analyze the login module of a university information system, the result shows that there is a risk of Ticket leakage in the login module. Compared to the previous method,our proposed method can deal with unpurified network traces and find the vulnerabilities of network and system.INDEX TERMS Security protocol implementation, network trace, security protocol implementation ontology, format analysis, semantic analysis.

show abstract

Section: Listsmentioning

confidence: 99%

A Security Analysis Method of Security Protocol Implementation Based on Unpurified Security Protocol Trace and Security Protocol Implementation Ontology

Liu

Huang

et al. 2019

IEEE Access

Self Cite

View full text Add to dashboard Cite

show abstract

“…This vulnerability arises when an attacker uses faulty input validation in SQL queries to run unauthorized commands. If not appropriately mitigated, SQL injection can result in data breaches, data manipulation, and unauthorized access to sensitive information kept in SAS databases (Lu et al, 2018).…”

Section: Common Security Risks In Sas Applicationsmentioning

confidence: 99%

Secure Programming with SAS: Mitigating Risks and Protecting Data Integrity

Yarlagadda,

Pydipalli

2018

Eng. int. (Dhaka)

View full text Add to dashboard Cite

This article examines the significance of safe programming with SAS (Statistical Analysis System) for risk mitigation and data integrity protection in data-driven environments. The study intends to investigate data protection strategies to improve application security, look at best practices for secure SAS coding, and identify prevalent security threats related to SAS applications. The review process is secondary data, with insights gleaned from online resources, industry reports, conference papers, and academic journals. Important discoveries show that SAS programs frequently have vulnerabilities, including SQL injection, cross-site scripting (XSS), and unsafe data handling. The best practices that have been established encompass data encryption, secure access controls, output encoding, parameterized queries, and input validation. The policy implications emphasize the significance of legislative frameworks for data protection and encouraging instruction in secure programming practices. This report emphasizes how important it is for businesses to use SAS for secure programming to protect sensitive data, abide by data protection laws, and defend against cyberattacks.

show abstract

Secure Z-MAC Protocol as a Proposed Solution for Improving Security in WSNs

2022

View full text Add to dashboard Cite

Security is one of the major issues in Wireless Sensor Networks (WSNs), as poor security disrupts the entire network and can have a significant effect on data transmission. WSNs need safe data transmission at a high rate while maintaining data integrity. By modifying the Z-MAC protocol and merging it with IHOP and elliptic-curve encryption techniques, the present research produced a novel protocol that enables safe data transfer. Additionally, the paper examined the IHOP technique for secure data transfer based on the Z-MAC protocol, which offers a simple and efficient key generation mechanism based on a hierarchical key management architecture. Additionally, the Z-MAC protocol offered low contention, high throughput, reduced latency, low power consumption, and increased efficiency. One of the most major applications of the Secure Z-MAC protocol may be the Vehicle Area Network, which would help in increasing highway automobile traffic while simultaneously enhancing individual safety and minimizing accidents.

show abstract

A Security Analysis Method for Security Protocol Implementations Based on Message Construction

Cited by 3 publications

References 31 publications

A Security Analysis Method of Security Protocol Implementation Based on Unpurified Security Protocol Trace and Security Protocol Implementation Ontology

A Security Analysis Method of Security Protocol Implementation Based on Unpurified Security Protocol Trace and Security Protocol Implementation Ontology

Secure Programming with SAS: Mitigating Risks and Protecting Data Integrity

Secure Z-MAC Protocol as a Proposed Solution for Improving Security in WSNs

Contact Info

Product

Resources

About