Some improvements to the cost-based framework for analyzing denial of service attacks

Authors:
Qinggang Yue;Feng Liu;Rui Xue
Affiliations:
The State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, China,Graduate University of the Chinese Academy of Sciences, Beijing, China;The State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, China;The State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, China
Venue:
INTRUST'11 Proceedings of the Third international conference on Trusted Systems
Year:
2011

Citing 14
Cited 0

Denial of service

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
A cost-based framework for analysis of denial of service in networks

Journal of Computer Security
Design and Synthesis of Synchronization Skeletons Using Branching-Time Temporal Logic

Logic of Programs, Workshop
A Formal Framework and Evaluation Method for Network Denial of Service

CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Protocols for Key Establishment and Authentication

Protocols for Key Establishment and Authentication
Just fast keying: Key agreement in a hostile internet

ACM Transactions on Information and System Security (TISSEC)
Modelling denial of service attacks on JFK with Meadows's cost-based framework

ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Denial-of-service resistance in key establishment

International Journal of Wireless and Mobile Computing
Towards Denial-of-Service-Resilient Key Agreement Protocols

ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Security Notions and Generic Constructions for Client Puzzles

ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Stronger security of authenticated key exchange

ProvSec'07 Proceedings of the 1st international conference on Provable security
ASM-SPV: A Model Checker for Security Protocols

IIH-MSP '10 Proceedings of the 2010 Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing
Formal modelling and automatic detection of resource exhaustion attacks

Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
On the security of public key protocols

IEEE Transactions on Information Theory

Quantified Score

Hi-index	0.00

Visualization

Abstract

Recently, people are paying more attention to formalizing and analyzing Denial of Service (DoS) attacks, but the known analysis models are either not precise enough or not readily used in an automatic way. In this paper, we make some improvements to the cost-based framework proposed by Meadows that aims to formalize DoS attacks. After improvement, the framework models intruders and protocols faithfully in CoreASM, and in a more accurate way in specification. Besides, the analysis can be performed automatically. In the improvements, a more flexible tolerance relation is defined so that the analysis result is in a broad form rather than merely binary as in previous works. Also, concrete values are used for representing the operational costs so as to make cost functions more precise and flexible in analysis. In this paper, the JFKi protocol is automatically analyzed as an indication of the advantages of the improvements. It explores the vulnerability that was previously found manually. The discussion on the JFKi protocol shows some difficulties in designing and analyzing DoS-resistent protocols.