Security analysis of network protocols through model checking: a case study on mobile IPv6

Abstract

The advent of computer networks makes network protocols — running on this unprotected environment — vulnerable against various attacks and malefactions. Hence, methods for automatic security verification of protocols in the early stages of protocol design are absolutely required and cause efficiency and security enhancement. Much work has been carried out in the context of protocol vulnerability analysis using model checking, but most of them focus on security protocols that aim to provide data security and integrity, whereas there are other communication network protocols, that need a specific level of security and have their own safety characteristics. These kinds of network protocols often send some control packets and use the timing information to obtain the appropriate degree of security. However, time is abstracted away in most proposed methods for protocol vulnerability analysis to avoid state space explosion. Therefore, it is not possible to verify timing behaviors. In this article, we propose timed automata-based method for formal verification of network protocols' security properties with the appropriate abstraction level. We apply our method to analyze Mobile Internet Protocol version 6 and show how to avoid state space explosion using time concepts in the protocol model. Copyright © 2015 John Wiley & Sons, Ltd.