Formal models of bank cards for free

Proceedings - IEEE 6th International Conference on Software Testing, Verification and Validation Workshops, ICSTW 2013

Volumn , Issue , 2013, Pages 461-468

  Aarts, Fides ^a   De Ruiter, Joeri ^a   Poll, Erik ^a  

^a RADBOUD UNIVERSITY NIJMEGEN   (Netherlands)

Author keywords

[No Author keywords available]

Indexed keywords

AUTOMATIC INFERENCE; BLACK BOXES; DESIGN AND IMPLEMENTATIONS; FINITE STATE MACHINE MODEL; FORMAL MODEL; LEARNING TECHNIQUES; SECURITY EVALUATION; SMART-CARD APPLICATION;

LEARNING ALGORITHMS; LEARNING SYSTEMS; SMART CARDS;

SOFTWARE TESTING;

EID: 84883323315     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICSTW.2013.60     Document Type: Conference Paper

References (20)

1. M. Felderer, B. Agreiter, P. Zech, and R. Breu, "A classification for model-based security testing, " in Advances in System Testing and Validation Lifecycle (VALID 2011), 2011, pp. 109-114.
2. D. Angluin, "Learning regular sets from queries and counterexamples, " Inf. Comput. , vol. 75, no. 2, pp. 87-106, 1987.
3. O. Niese, "An integrated approach to testing complex systems, " Dortmund University, Tech. Rep. , 2003, doctoral thesis.
4. H. Raffelt, B. Steffen, T. Berg, and T. Margaria, "LearnLib: a framework for extrapolating behavioral models, " Int. J. Softw. Tools Technol. Transf. , vol. 11, pp. 393-407, 2009.
5. F. Aarts, B. Jonsson, and J. Uijen, "Generating models of infinitestate communication protocols using regular inference with abstraction, " in Proceedings of the 22nd IFIP WG 6. 1 international conference on Testing software and systems, ser. ICTSS'10, 2010, pp. 188-204.
6. F. Aarts, J. Schmaltz, and F. Vaandrager, "Inference and abstraction of the biometric passport, " in International Symposium on Leveraging applications of formal methods, verification, and validation (ISoLa'10), 2010, pp. 673-686.
7. ISO/IEC, "ISO/IEC 7816: Identification cards-Integrated circuit cards. "
8. EMVCo, "EMV-Integrated Circuit Card Specifications for Payment Systems, Book 1-4, " 2008, available at emvco. com.
9. S. Drimer, S. Murdoch, and R. Anderson, "Optimised to fail: Card readers for online banking, " in Financial Cryptography and Data Security, ser. LNCS, vol. 5628. Springer, 2009, pp. 184-200.
10. J.-P. Szikora and P. Teuwen, "Banques en ligne: à la découverte d'EMVCAP, " MISC (Multi-System & Internet Security Cookbook), vol. 56, pp. 50-62, 2011.
11. T. Chow, "Testing software design modeled by finite-state machines, " Software Engineering, IEEE Transactions on, vol. 4, no. 3, pp. 178-187, 1978, special issue on COMPSAC.
12. M. I. Inc. , "Paypass-m/chip technical specifications, " Tech. Rep. , September 2005, version 1. 3.
13. G. Banks, M. Cova, V. Felmetsger, K. Almeroth, R. Kemmerer, and G. Vigna, "SNOOZE: toward a stateful network protocol fuzzer, " Information Security, pp. 343-358, 2006.
14. J. Jürjens, "Model-based security testing using UMLsec:: A case study, " Electronic Notes in Theoretical Computer Science, vol. 220, no. 1, pp. 93-104, 2008.
15. J. Lancia, "Un framework de fuzzing pour cartes à puce: application aux protocoles EMV, " in Symposium sur la Sé curité des Technologies de l'Information et des Communications (SSTIC), 2011.
16. X. Li and L. Chen, "A survey on methods of automatic protocol reverse engineering, " in Computational Intelligence and Security (CIS 2011). IEEE, 2011, pp. 685-689.
17. K. Hossen, R. Groz, and J. L. Richier, "Security vulnerabilities detection using model inference for applications and security protocols, " in Software Testing, Verification and Validation Workshops (ICSTW'11). IEEE, 2011, pp. 534-536.
18. W. Cui, J. Kannan, and H. Wang, "Discoverer: Automatic protocol reverse engineering from network traces, " in USENIX Security Symposium (Security07), 2007.
19. Y. Hsu, G. Shu, and D. Lee, "A model-based approach to security flaw detection of network protocol implementations, " 2008 IEEE International Conference on Network Protocols, vol. 40, no. 2, pp. 114-123, 2008.
20. P. Comparetti, G. Wondracek, C. Kruegel, and E. Kirda, "Prospex: Protocol specification extraction, " in Security and Privacy. IEEE, 2009, pp. 110-125.