Message confidentiality testing of security protocols: passive monitoring and active checking

Authors:
Guoqiang Shu;David Lee
Affiliations:
Department of Computer Science and Engineering, The Ohio State University, Columbus, OH;Department of Computer Science and Engineering, The Ohio State University, Columbus, OH
Venue:
TestCom'06 Proceedings of the 18th IFIP TC6/WG6.1 international conference on Testing of Communicating Systems
Year:
2006

Citing 16
Cited 1

The weak mutation hypothesis

TAV4 Proceedings of the symposium on Testing, analysis, and verification
Online minimization of transition systems (extended abstract)

STOC '92 Proceedings of the twenty-fourth annual ACM symposium on Theory of computing
Using encryption for authentication in large networks of computers

Communications of the ACM
A Formal Approach for Passive Testing of Protocol Data Portions

ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
Specification-Based Test Generation for Security-Critical Systems Using Mutations

ICFEM '02 Proceedings of the 4th International Conference on Formal Engineering Methods: Formal Methods and Software Engineering
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR

TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Penetration Testing: A Duet

ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Automated Generation and Analysis of Attack Graphs

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Mutation Testing Applied to Validate Specifications Based on Statecharts

ISSRE '99 Proceedings of the 10th International Symposium on Software Reliability Engineering
Formally Testing Fail-Safety of Electronic Purse Protocols

Proceedings of the 16th IEEE international conference on Automated software engineering
Why Security Testing Is Hard

IEEE Security and Privacy
A Method Enabling Feasible Conformance Test Sequence Generation for EFSM Models

IEEE Transactions on Computers
Application Penetration Testing

IEEE Security and Privacy
Hints on Test Data Selection: Help for the Practicing Programmer

Computer
Security properties and CSP

SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Formal methods for cryptographic protocol analysis: emerging issues and trends

IEEE Journal on Selected Areas in Communications

Formal passive testing of timed systems: theory and tools

Software Testing, Verification & Reliability

Quantified Score

Hi-index	0.00

Visualization

Abstract

Security protocols provide critical services for distributed communication infrastructures. However, it is a challenge to ensure the correct functioning of their implementations, particularly, in the presence of malicious parties. We study testing of message confidentiality – an essential security property. We formally model protocol systems with an intruder using Dolev-Yao model. We discuss both passive monitoring and active testing of message confidentiality. For adaptive testing, we apply a guided random walk that selects next input on-line based on transition coverage and intruder's knowledge acquisition. For mutation testing, we investigate a class of monotonic security flaws, for which only a small number of mutants need to be tested for a complete checking. The well-known Needham-Schroeder-Lowe protocol is used to illustrate our approaches.