Using SPIN and eclipse for optimized high-level modeling and analysis of computer network attack models

Authors:
Gerrit Rothmaier;Tobias Kneiphoff;Heiko Krumm
Affiliations:
Materna GmbH, Dortmund, Germany;Bosch Rexroth AG, Witten, Germany;Universität Dortmund, Dortmund, Germany
Venue:
SPIN'05 Proceedings of the 12th international conference on Model Checking Software
Year:
2005

Citing 11
Cited 3

Increasing network throughput by integrating protocol layers

IEEE/ACM Transactions on Networking (TON)
The temporal logic of actions

ACM Transactions on Programming Languages and Systems (TOPLAS)
Model-Based Verification of a Security Protocol for Conditional Access to Services

Formal Methods in System Design
A framework for modeling transfer protocols

Computer Networks: The International Journal of Computer and Telecommunications Networking
Model-based analysis of configuration vulnerabilities

Journal of Computer Security
Formal System Development with KIV

FASE '00 Proceedings of the Third Internationsl Conference on Fundamental Approaches to Software Engineering: Held as Part of the European Joint Conferences on the Theory and Practice of Software, ETAPS 2000
Using SPIN to Verify Security Properties of Cryptographic Protocols

Proceedings of the 9th International SPIN Workshop on Model Checking of Software
Partial-Order Reduction in Symbolic State Space Exploration

CAV '97 Proceedings of the 9th International Conference on Computer Aided Verification
Representing TCP/IP Connectivity For Topological Analysis of Network Security

ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Using Model Checking to Analyze Network Vulnerabilities

SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Spin model checker, the: primer and reference manual

Spin model checker, the: primer and reference manual

The High Road to Formal Validation

ABZ '08 Proceedings of the 1st international conference on Abstract State Machines, B and Z
Eclipse Plug-In for Spin and st2msc Tools-Tool Presentation

Proceedings of the 16th International SPIN Workshop on Model Checking Software
EpiSpin: an eclipse plug-in for Promela/spin using spoofax

Proceedings of the 18th international SPIN conference on Model checking software

Quantified Score

Hi-index	0.00

Visualization

Abstract

Advanced attack sequences combine different kinds of steps (e.g. attacker, protocol, and administration steps) on multiple networked systems. We propose a SPIN based approach for formal modeling and analysis of such scenarios. Our approach is especially suited for scenarios were protocol and network level aspects matter simultaneously. Typical attack sequences and not yet considered variants can be automatically found. The development of scenario models is supported by a modeling framework and the use of the high-level process specification language cTLA. A compiler translates the high-level cTLA models to Promela. This allows the powerful model-checking tool SPIN to be employed for analysis. Through integration of the compiler and SPIN into the Eclipse platform both model development and analysis are facilitated.