Abstract

The security analysis of Security Protocol Implementations (SPI) is an important part of cybersecurity. However, with the strengthening of property protection and the widespread use of code obfuscation technology, previous security analysis methods based on SPI are hard to carry out. Therefore, under the condition that SPI is not available, this paper analyzes the security of the SPI using unpurified security protocol traces and a security protocol implementation ontology. First, we construct the implementation ontology to describe the attributes of the ontology terms. Second, a format analysis method based on unpurified flow is presented. Third, a mapping method is proposed to build the mapping between the security protocol trace and the implementation ontology. Fourth, a is presented to analyze the security of SPI. Finally, FSIA software is designed and implemented according to the method we proposed to analyze the login module of a university information system. The result shows that there is a risk of Ticket leakage in the login module. Compared to the previous method, our proposed method can deal with unpurified network traces and find vulnerabilities in the network and system.

Highlights

  • Security Protocol Implementations (SPI) have been an important part of cybersecurity [1]

  • We present a security analysis method called the Security Analysis Method of Security Protocol Implementations (SAMSPI), which applies the mapping analysis method SPT2SIO to analyze the consistency of the mapping and uses the non-ontology token analysis method to detect whether message leakage exists in the non-ontology token

  • The SAMSPI method verifies the SPT2SIO mappings, and the result shows that the application server authorization ticket in the Central Authentication Service (CAS) protocol has a risk of leakage, which exposes the hidden security risks existing in the login module of a university

Summary

INTRODUCTION

He et al.: SAMSPI Based on Unpurified Security Protocol Trace and SPIO

Security Protocol Implementations (SPI) have been an important part of cybersecurity [1]. Under the condition that SPI is not available, researchers use dynamic taint [6]–[8] and network trace to analyze the SSPI. The above works mainly focus on purified network traces and protocol specification inference, and pay little attention to the significance of unpurified security protocol traces for analyzing SSPI. Apart from that, most works use network-trace-based methods to analyze the specification of network protocols, and seldom analyze SSPI. With the unpurified security protocol traces and security protocol implementation ontology, this paper combines the traffic classification method and the network-trace-based approach to analyze SSPI by verifying the consistency of the security protocol trace and the security protocol implementation.

RELATED WORKS
EVALUATION
DISCUSSION

We discuss in detail our approach from four aspects:

CONCLUSION AND FUTURE WORKS