<  Back to the Polytechnique Montréal portal

An information flow method to detect denial of service vulnerabilities

Stéphane Lafrance and John Mullins

Article (2003)

Open Acess document in PolyPublie and at official publisher
[img]
Preview
Open Access to the full text of this document
Published Version
Terms of Use: All rights reserved
Download (321kB)
Show abstract
Hide abstract

Abstract

Meadows recently proposed a formal cost-based framework for the analysis of denial of service, showing how to formalize some existing principles used to make cryptographic protocols more resistant to denial of service by comparing the cost to the defender against the cost to the attacker. The first contribution of this paper is to introduce a new security property called impassivity designed to capture the ability of a protocol to achieve these goals in the framework of a generic value-passing process algebra called Security Process Algebra ( SPPA) extended with local function calls, cryptographic primitives and special semantic features in order to handle cryptographic protocols. Impassivity is defined as an information flow property founded on bisimulation-based non-deterministic admissible interference. A sound and complete proof method for impassivity is provided. The method extends previous results of the authors on bisimulation-based non-deterministic admissible interference and its application to the analysis of cryptographic protocols. It is illustrated by its application to the TCP/IP protocol.

Uncontrolled Keywords

Denial of service; Protocols; Admissible interference; Bisimulation; Equivalence-checking

Subjects: 2700 Information technology > 2700 Information technology
2700 Information technology > 2706 Software engineering
2700 Information technology > 2713 Algorithms
Department: Department of Computer Engineering and Software Engineering
PolyPublie URL: https://publications.polymtl.ca/3381/
Journal Title: Journal of Universal Computer Science (vol. 9, no. 11)
Publisher: J.UCS Consortium
DOI: 10.3217/jucs-009-11-1350
Official URL: https://doi.org/10.3217/jucs-009-11-1350
Date Deposited: 17 Jan 2019 15:18
Last Modified: 11 Apr 2024 08:52
Cite in APA 7: Lafrance, S., & Mullins, J. (2003). An information flow method to detect denial of service vulnerabilities. Journal of Universal Computer Science, 9(11), 1350-1369. https://doi.org/10.3217/jucs-009-11-1350

Statistics

Total downloads

Downloads per month in the last year

Origin of downloads

Dimensions

Repository Staff Only

View Item View Item