Current techniques for the formal modeling and analysis of DoS attacks do not adequately deal with amplification attacks that may target a complex distributed system as a whole rather than a specific server. Such threats have emerged for important applications such as the VoIP Session Initiation Protocol (SIP). We demonstrate a model-checking technique for finding amplification threats using a strategy we call measure checking, which uses term rewriting to produce a quantitative assessment of attacker impact. We illustrate the effectiveness of this technique with a study of SIP. In particular, we show how to automatically find known attacks and verify that proposed patches for these attacks achieve their aim. Beyond this, we demonstrate a new amplification attack based on the compromise of one or more SIP proxies. We show how to address this threat with a protocol change and formally analyze the effectiveness of the new protocol against amplification attacks.