Automated Logic-Based Technique for Formal Verification of Security Protocols

Jurcut, Anca Delia

doi:10.18178/jacn.2018.6.2.258

Cited by 8 publications

(3 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Moreover, the design of such protocols should be robust enough to resist attacks [70,71,74] and must be tested for their functional correctness (i.e. application of formal method) before they are used in practice [69,86].…”

Section: Vulnerabilities In Iot Systemsmentioning

confidence: 99%

Security Considerations for Internet of Things: A Survey

et al. 2020

View full text Add to dashboard Cite

Interconnecting "things" and devices that takes the form of wearables, sensors, actuators, mobiles, computers, meters, or even vehicles is a critical requirement for the current era. These inter-networked connections are serving the emerging applications home and building automation, smart cities and infrastructure, smart industries, and smart-everything. However, the security of these connected Internet of things (IoT) plays a centric role with no margin for error. After a review of the relevant, online literature on the topic and after looking at the market trends and developments, one can notice that there are still concerns with regard to security in IoT products and services. This paper is focusing on a survey on IoT security and aims to highlight the most significant problems related to safety and security in the IoT ecosystems. This survey identifies the general threat and attack vectors against IoT devices while highlighting the flaws and weak points that can lead to breaching the security. Furthermore, this paper presents solutions for remediation of the compromised security, as well as methods for risk mitigation, with prevention and improvement suggestions.

show abstract

Section: Vulnerabilities In Iot Systemsmentioning

confidence: 99%

Security Considerations for Internet of Things: A Survey

et al. 2020

View full text Add to dashboard Cite

show abstract

“…However, a public network such as the Internet should be treated as an insecure network, where a malicious adversary can eavesdrop, intercept and modify messages. Thus, cryptographic protocols are required to ensure the security of both the infrastructure itself and the information that runs through it [1,2]. Basic security protocols allow agents to authenticate each other, to establish fresh session keys for confidential communication and to ensure the authenticity of data and services.…”

Section: Introductionmentioning

confidence: 99%

Detection and Prevention of New Attacks for ID-based Authentication Protocols

Chen

Dojen

Jurcut

2020

2020 the 9th International Conference on Networks, Communication and Computing

View full text Add to dashboard Cite

The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, and edge computing. This also enables more and more network enterprises to provide multiple different services simultaneously. To ensure these services can conveniently be accessed only by authorized users, many password and smart card-based authentication schemes for multi-server architecture have been proposed. In this paper, we review several dynamic ID-based password authentication schemes for multi-server environments. New attacks against four of these schemes are presented, demonstrating that an adversary can impersonate either legitimate or fictitious users. The impact of these attacks is the failure to achieve the main security requirement: authentication. Thus, the security of the analyzed schemes is proven to be compromised. We analyze these four dynamic ID-based schemes and discuss the reasons for the success of the new attacks. Additionally, we propose a new set of design guidelines to prevent such exploitable weaknesses on dynamic ID-based authentication protocols. Finally, we apply the proposed guidelines to the analyzed protocols and demonstrate that violation of these guidelines leads to insecure protocols. CCS CONCEPTS• Security and privacy → Security protocols.

show abstract

“…For example, $350M and $70M are the size of loss caused by Yahoo and Bitcoin data breach, respectively [1]. The intruder techniques have been evolved using sophisticated tools to create attacks, exploiting vulnerabilities in server protocols [2], [3].…”

Section: Introductionmentioning

confidence: 99%

Detecting Abnormal Traffic in Large-Scale Networks

Elsayed¹,

Le-Khac²,

Dev³

et al. 2020

Preprint

View full text Add to dashboard Cite

With the rapid technological advancements, organizations need to rapidly scale up their information technology (IT) infrastructure viz. hardware, software, and services, at a low cost. However, the dynamic growth in the network services and applications creates security vulnerabilities and new risks that can be exploited by various attacks. For example, User to Root (U2R) and Remote to Local (R2L) attack categories can cause a significant damage and paralyze the entire network system. Such attacks are not easy to detect due to the high degree of similarity to normal traffic. While network anomaly detection systems are being widely used to classify and detect malicious traffic, there are many challenges to discover and identify the minority attacks in imbalanced datasets. In this paper, we provide a detailed and systematic analysis of the existing Machine Learning (ML) approaches that can tackle most of these attacks. Furthermore, we propose a Deep Learning (DL) based framework using Long Short Term Memory (LSTM) autoencoder that can accurately detect malicious traffics in network traffic. We perform our experiments in a publicly available dataset of Intrusion Detection Systems (IDSs). We obtain a significant improvement in attack detection, as compared to other benchmarking methods. Hence, our method provides great confidence in securing these networks from malicious traffic.

show abstract

Automated Logic-Based Technique for Formal Verification of Security Protocols

Cited by 8 publications

References 12 publications

Security Considerations for Internet of Things: A Survey

Security Considerations for Internet of Things: A Survey

Detection and Prevention of New Attacks for ID-based Authentication Protocols

Detecting Abnormal Traffic in Large-Scale Networks

Contact Info

Product

Resources

About