Abstract
With the development of Internet of Things (IoT) technology, the demand for secure communication by smart devices has dramatically increased, and the security of the IoT protocol has become the focus of cyberspace. Recently, some scholars have attempted to extend the IPSec protocol to IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN) to ensure end-to-end security, which makes it essential to analyze the vulnerability of the IPSec protocol to enhance the security of the IoT. In this study, we use a method combining model learning and model checking to analyze the dynamic vulnerability of IPSec protocol implementations. This method automatically infers the black-box model and compares it with the relevant specifications to expose the defects of the system implementation and search its logic vulnerabilities. We first employ model learning on three IPSec implementations to infer state machine models; then, we use model checking to verify that these models satisfy basic security properties and conform to the RFCs. Our analysis reveals three new security issues: a wrong interaction causing server exception and two violations of the standard.
Highlights
Internet of things (IoT) is regarded as the third revolution of information technology industry development after the computer and Internet
In the second step, based on the deterministic finite automaton (DFA) inferred in the first step, we use the formal security criteria defined by the model checking tool and described by linear temporal logic to automatically compare the model with the relevant specifications, thereby acquiring counterexamples that guide us to search for the vulnerabilities in the implementation
PRELIMINARIES we describe the basic principles of model learning and model checking methods and introduce the basics of the IP Security (IPSec) protocol
Summary
Internet of things (IoT) is regarded as the third revolution of information technology industry development after the computer and Internet. Compared with the traditional static method, this technology is a dynamic black-box test, which does not depend on the source code and documents and has a high degree of automation This technology has been applied to infer multiple state machines of security protocol implementations. We combine model learning and model checking to perform vulnerability analysis on IPSec implementation for increasing the security of IoT. In the second step, based on the DFA inferred in the first step, we use the formal security criteria defined by the model checking tool and described by linear temporal logic to automatically compare the model with the relevant specifications, thereby acquiring counterexamples that guide us to search for the vulnerabilities in the implementation.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
