Using Coloured Petri Nets to Simulate DoS-resistant Protocols
作者: Suratose Tritilanunt , Ernest Foo , Juan Gonzalez Nieto , Colin Boyd
DOI:
关键词: Key exchange 、 Universal composability 、 Host Identity Protocol 、 Computer science 、 Protocol (science) 、 Petri net 、 Transport Layer Security 、 Distributed computing 、 Internet Protocol 、 CPN Tools
摘要: In this work, we examine unbalanced computation between an initiator and a responder that leads to resource exhaustion attacks in key exchange protocols. We construct models for two cryp-tographic protocols; one is the well-known Internet protocol named Secure Socket Layer (SSL) protocol, and other Host Identity Protocol (HIP) which has built-in DoS-resistant mechanisms. To such protocols, develop formal framework based on Timed Coloured Petri Nets (Timed CPNs) use simulation approach provided CPN Tools achieve analysis. By adopting idea of Meadows' cost-based re¯ning de¯nition operational costs during execution, our provides accurate cost estimate execution compar- ing among principals, as well percentage successful connections from legitimate users, under four di®erent strategies DoS attack.
参考文章(13)
Dirk Fox, Computer Emergency Response Team (CERT). Datenschutz Und Datensicherheit. ,vol. 26, ,(2002)
Tuomas Aura, Aarthi Nagarajan, Andrei Gurtov, Analysis of the HIP base exchange protocol australasian conference on information security and privacy. pp. 481- 493 ,(2005) , 10.1007/11506157_40
Kurt Jensen, Coloured Petri Nets: Basic Concepts, Analysis Methods and Practical Use ,(2011)
Carl Adam Petri, Kommunikation mit Automaten ,(1962)
Jason Smith, Juan Manuel Gonzalez-Nieto, C. Boyd, Modelling denial of service attacks on JFK with Meadows's cost-based framework grid computing. pp. 125- 134 ,(2006)
Philip Karlton, Alan Freier, Paul Kocher, The SSL Protocol Version 3.0 draft-freier-ssl-version3-02.txt. ,(1996)
Søren Christensen, Kjeld H. Mortensen, Teaching Coloured Petri Nets- A Gentle Introduction to Formal Methods in a Distributed Systems Course applications and theory of petri nets. pp. 290- 309 ,(1997) , 10.1007/3-540-63139-9_42
Ari Juels, Markus Jakobsson, Proofs of Work and Bread Pudding Protocols communications and multimedia security. pp. 258- 272 ,(1999)
P. Karn, W. Simpson, Photuris: Session-Key Management Protocol rfc2522. ,vol. 2522, pp. 1- 80 ,(1999)
Zhangxi Tan, Chuang Lin, Hao Yin, Bo Li, None, Optimization and benchmark of cryptographic algorithms on network processors IEEE Micro. ,vol. 24, pp. 55- 69 ,(2004) , 10.1109/MM.2004.54