Abstract

The security analysis of Security Protocol Implementations(SPI) is an important part of cybersecurity. However, with the strength of property protection and the widely used applications of code obfuscation technology, the previous security analysis method based on SPI is hard to carry out. Therefore, under the condition that SPI is not available, this paper analyzes the security of the SPI using the unpurified security protocol traces and security protocol implementation ontology. First, we construct the implementation ontology to describes the attributes of the ontology terms. Second, the format analysis method is presented based on unpurified flow. Third, the mapping method is proposed to build the mapping between the security protocol trace and the implementation ontology. Fourth, a is presented to analyze the security of SPI. Finally, FSIA software is designed and implemented according to the method we proposed to analyze the login module of a university information system, the result shows that there is a risk of Ticket leakage in the login module. Compared to the previous method,our proposed method can deal with unpurified network traces and find the vulnerabilities of network and system.

Highlights

  • Security Protocol Implementations (SPI) have been an important part of cybersecurity [1]

  • (4) We present a security analysis method called the Security Analysis Method of Security Protocol Implementations (SAMSPI), which applies the mapping analysis method SPT2SIO to analyze the consistency of the mapping and uses the non-ontology token analysis method to detect whether there exists message leakage in the non-ontology token or not

  • The SAMSIP method verifies the SPT2SIO mappings, and the result shows that the application server authorization ticket in the Central Authentication Service (CAS) protocol has a risk of leakage, which exposes the hidden security risks existing in the login module of a University

Read more

Summary

INTRODUCTION

Security Protocol Implementations (SPI) have been an important part of cybersecurity [1]. He et al.: SAMSPI Based on Unpurified Security Protocol Trace and SPIO TABLE 1. Condition that SPI is not available, researchers use dynamic taint [6]–[8] and network trace to analyze the SSPI. The above works mainly focus on purified network trace and protocol specifications inference and pay little attention to the significance of unpurified security protocol traces to analyze SSPI. Apart from that, most works use network-trace-based method to analyze the specification of network protocols, and seldom to analyze SSPI. With the unpurified security protocol traces and security protocol implementation ontology, this paper combines the traffic classification method and network-trace-based approach to analyze SSPI by verifying the consistency of security protocol trace and security protocol implementation.

RELATED WORKS
EVALUATION
DISCUSSION We discuss in detail our approach from four aspects:
CONCLUSION AND FUTURE WORKS

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.