<  Back to the Polytechnique Montréal portal

An information flow method to detect denial of service vulnerabilities

Stéphane Lafrance and John Mullins

Article (2003)

[img]
Preview
Published Version
Terms of Use: All rights reserved.
Download (383kB)
Cite this document: Lafrance, S. & Mullins, J. (2003). An information flow method to detect denial of service vulnerabilities. Journal of Universal Computer Science, 9(11), p. 1350-1369. doi:10.3217/jucs-009-11-1350
Show abstract Hide abstract

Abstract

Meadows recently proposed a formal cost-based framework for the analysis of denial of service, showing how to formalize some existing principles used to make cryptographic protocols more resistant to denial of service by comparing the cost to the defender against the cost to the attacker. The first contribution of this paper is to introduce a new security property called impassivity designed to capture the ability of a protocol to achieve these goals in the framework of a generic value-passing process algebra called Security Process Algebra ( SPPA) extended with local function calls, cryptographic primitives and special semantic features in order to handle cryptographic protocols. Impassivity is defined as an information flow property founded on bisimulation-based non-deterministic admissible interference. A sound and complete proof method for impassivity is provided. The method extends previous results of the authors on bisimulation-based non-deterministic admissible interference and its application to the analysis of cryptographic protocols. It is illustrated by its application to the TCP/IP protocol.

Uncontrolled Keywords

Denial of service; Protocols; Admissible interference; Bisimulation; Equivalence-checking

Open Access document in PolyPublie
Subjects: 2700 Technologie de l'information > 2700 Technologie de l'information
2700 Technologie de l'information > 2706 Génie logiciel
2700 Technologie de l'information > 2713 Algorithmes
Department: Département de génie informatique et génie logiciel
Research Center: Non applicable
Date Deposited: 17 Jan 2019 15:18
Last Modified: 18 Jan 2019 01:20
PolyPublie URL: https://publications.polymtl.ca/3381/
Document issued by the official publisher
Journal Title: Journal of Universal Computer Science (vol. 9, no. 11)
Publisher: J.UCS Consortium
Official URL: https://doi.org/10.3217/jucs-009-11-1350

Statistics

Total downloads

Downloads per month in the last year

Origin of downloads

Dimensions

Repository Staff Only