Dynamic analysis of security protocols

Proceedings New Security Paradigm Workshop

Volumn , Issue , 2000, Pages 77-87

  Yasinsac, Alec ^a  

^a Florida State University   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CRYPTOGRAPHY; INTERNET; NETWORK PROTOCOLS; REAL TIME SYSTEMS;

DISTRIBUTED DENIAL OF SERVICE ATTACKS (DDOS);

SECURITY OF DATA;

EID: 0034593312     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/366173.366194     Document Type: Conference Paper

References (44)

1. Martin Abadi and Mark R. Tuttle, "A Semantics for a Logic of Authentication", Tenth Annual ACM Symp on Princ of Dist Computing, Montreal, Canada, August, 1991
2. Burrows, M., Abadi, M., and Needham, R. M. "A Practical Study in Belief and Action", In Proceedings of the 2nd Conference on Theoretical Aspects of Reasoning about Knowledge (Asilomar, Ca., Feb. 1988) M. Vardi, Ed. Morgan Kaufmann, Los Altos, Calif., 1988, pp. 325-342
3. S. Brackin, "Automatically Detecting Most Vulnerabilities in Cryptographic Protocols", in The DARPA Information Survivability Conference and Exposition, January 2000, Vol.1, pp 222-36
4. Crosbie, M.; Dole, B.; Ellis, T.; Krsul, I.; Spafford, E, "IDIOT - Users Guide", Technical Report TR-96-050, Purdue University, COAST Laboratory, Sept. 1996
5. Dorothy E. Denning, "An Intrusion-Detection Model", From 1986 IEEE Computer Society Symposium on Research in Security and Privacy, pp 118-31
6. D. E. Denning and G. M. Sacco, "Timestamps in key distribution protocols," Communications of the ACM, vol. 24, no. 8, Aug 1981, pp. 533-536
7. Daniels and Spafford, "Identification of Host Audit Data to Detect Attacks on Low-level IP", Journal of Computer Security, Volume 7, Issue 1, 1999
8. Dolev, D., and Yao, A.C. "On the security of public key protocols". IEEE Trans. Inf. Theory IT-29, 2(Mar. 1983), pp. 198-208. Also Stan-CS-81-854, May 1981, Stanford U.
9. A. Fiat and A. Shamir, "How to prove yourself: Practical solutions to identification and signature problems", Advances in Cryptology, Proc. of Crypto∼'86 (Lecture Notes in Computer Science 263), Editor A. Odlyzko, Springer-Verlag, pp. 186-194, Santa Barbara, California, U. S. A., August 11-15, 1987
10. Gregory, D.; Shi, Q.; Merabti, M., 'An Intrusion Detection System Based upon Autonomous Mobile Agents", pp. 586-591, 14th International conference on Information security, 1998 Aug: Vienna
11. Y. Jou, F. Gong, C. Sargor, X. Wu, S. Wu, H. Chang, and F. Wang, "Design and Implementation of a Scalable Intrusion Detection System for the Protection of Network Infrastructure", DARPA Information Survivability Conference and Exposition 2000, Jan 25-27, 2000, Vol. 2, pp 69-83
12. R. A. Kemmerer, "Using Formal Methods to Analyze Encryption Protocols," IEEE Journal on Selected Areas in Communications, vol. 7, mo. 4, pp. 448-457, May 1989
13. Rajeshekar Kailar and Virgil D. Gligor, "On Belief Evolution in Authentication Protocols", In Proceedings of the Computer Security Foundations Workshop IV, PP 103-16, IEEE Computer Society Press, Los Alamitos, CA, 1991
14. Sandeep Kumar and Eugene Spafford, "A Taxonomy of Common Computer Security Vulnerabilities Based on their Method of Detection", Technical Report, Purdue University, 1995
15. J. Kelsey, B. Schneier, and D. Wagner, "Protocol Interactions and the Chosen Protocol Attack", Security Protocols, 5th, International Workshop April 1997, Proceedings, Springer-Verlag, 1998, pp.91-104
16. R. Kemmerer, C. Meadows, and J. Millen, ""Three Systems for Cryptographic Protocol Analysis", The Journal of Cryptology, Vol. 7, no. 2, 1993
17. Ulf Lindqvist and Phillip A. Porras, "Detecting Computer and Network Misuse Through the Production-Based Expert System Toolset (P-BEST)", 1999 IEEE Computer Society Symposium on Security and Privacy, pp 146-61
18. R.P. Lippman, D.J. Fried, I.Graf, J.W. Haines, K.R. Kendall, D. McCllung, D. Weber, S.E. Webster, D. Wyschogrod, R.K. Cunningham, M.A. Zissman, "Evaluating Intrusion Detection Systems: The 1998 DARPA Off-line Intrusion Detection Evaluation", DARPA Information Survivability Conference and Exposition 2000, Jan 25-27, 2000, Vol. 2, pp 12-26
19. Gavin Lowe, "An Attack on the Needham-Schroeder Public Key Authentication Protocol", Information Processing Letters, 56:131-133, 1995
20. Gavin Lowe, "Breaking and Fixing the Needham-Schroeder Public Key Protocol Using FDR", In Proceedings of TACAS, Vol. 1055 of Lecture Notes in Computer Science, pp 147-166, Springer-Verlag, 1996.
21. Gavin Lowe, "Casper: A Compiler for the Analysis of Security Protocols", Proceedings of 10th IEEE Computer Security Foundations Workshop, 1997. Also in Journal of Computer Security, Volume 6, pages 53-84, 1998.
22. Gavin Lowe, "Casper: A Compiler for the Analysis of Security Protocols", Proceedings of 10th IEEE Computer Security Foundations Workshop, 1997. Also in Journal of Computer Security, Volume 6, pages 53-84, 1998.
23. Millen, J.K., Clark, S. C., and Freedman, S. B. "The interrogator: Protocol security analysis". IEEE Trans. Sofw. eng. SB-13, 2(Feb. 1987), pp. 274-288
24. Catherine Meadows, "Formal Verification of Cryptographic Protocols: A Survey," Advances in Cryptology - Asiacrypt '94, LNSC 917, Springer-Verlag, 1995, pp. 133-150
25. Catherine Meadows, "Analysis of the Interact Key Exchange Protocol using the NRL Protocol Analyzer", 1999 IEEE Computer Society Symposium on Security and Privacy, pp 216-34
26. Catherine Meadows, "A Formal Framework and Evaluation Method for Network Denial of Service", 12th IEEE Computer Security Foundations Workshop, Jun 28-30, 1999, Mordano, Italy
27. Roger M. Needham, Michael D. Schroeder, "Using Encryption for Authentication in Large Networks of Computers", Communications of the ACM, December 1978 vol. 21 #12, pp. 993-999
28. R. Oppliger. Security issues related to mobile code and agent-based systems, pp. 1165-1170. Computer Communications, Vol. 22, No. 12 (July 1999):
29. Lawrence C. Paulson, "Proving Security Protocols Correct", in IEEE Symposium on Logic in Computer Science, Trento, Italy (1999), pp 370-81
30. A. W. Roscoe, "The Theory and Practice of Concurrency", Prentice Hall, 1997
31. Dawn Xiaodong Song, "Athena: A New Efficient Automatic Checker for Security Protocol Analysis", 12th IEEE Computer Security Foundations Workshop, Jun 28-30, 99, Mordano, Italy
32. T. Sander, C. Tschudin, "Protecting Mobile Agents against Malicious Hosts", Lecture Notes in Computer Science, Special Issue on Mobile Agents, Edited by G. Vigna, 1998
33. Paul Syverson, "A Taxonomy of Replay Attacks," Proceedings of the Computer Security Foundations Workshop VII, Franconia NH, 1994 IEEE CS Press (Los Alamitos, 1994)
34. F. Thayer, J.C. Herzog, and J.D. Guttman, "Strand Spaces: Why is a Security Protocol Correct?" In Proceedings of 1998 IEEE Symposium on Security and Privacy, 1998
35. Brett Tjaden, "A Method for Examining Cryptographic Protocols" University of Virginia Doctoral Dissertation, January 1997
36. Vigna and Kemmerer, "NetSTAT: A Network-based Intrusion Detection System", Journal of Computer Security, Volume 7, Issue 1, 1999
37. "Attacks on Encryption Code Raise Questions About Computer Vulnerability", Wayner, Peter, New York Times (01/05/00) P. C2
38. Alec Yasinsac, "Evaluating Cryptographic Protocols:, Ph.D. Dissertation, University of Virginia, Jan 1996
39. Yasinsac, Alec; Wulf, William A, "Evaluating Cryptographic Protocols", University of Virginia Technical Report, CS-93-66, December 22, 1993
40. Alec Yasinsac and Wm. A. Wulf, "A Framework for A Cryptographic Protocol Evaluation Workbench", Proceedings of the Fourth IEEE International High Assurance Systems Engineering Symposium (HASE99), Washington D.C., Nov. 1999
41. Alec Yasinsac, "Detecting Intrusions in Security Protocols", accepted to the Third ACM Workshop on Intrusion Detection Systems, Athens, Greece, Nov 1-4, 2000
42. Susan Pancho, "Protocols", Proceedings of the New Security Paradigms Workshop", Sept. 1999
43. Mihir Bellare and Phillip Rogaway, "Random Oracles are Practical: A Paradigm for Designing Efficient Protocols", Proceedings of the First ACM Conference on Communications and Computer Security, ACM, November, 1995
44. Paul E. Proctor, The Practical Intrusion Detection Handbook, Prentice Hall, Inc. 2001, ISBN 013-025960-8, pp 46-47