CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
A cost-based framework for analysis of denial of service in networks
Journal of Computer Security
Design and Synthesis of Synchronization Skeletons Using Branching-Time Temporal Logic
Logic of Programs, Workshop
A Formal Framework and Evaluation Method for Network Denial of Service
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Protocols for Key Establishment and Authentication
Protocols for Key Establishment and Authentication
Just fast keying: Key agreement in a hostile internet
ACM Transactions on Information and System Security (TISSEC)
Modelling denial of service attacks on JFK with Meadows's cost-based framework
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Denial-of-service resistance in key establishment
International Journal of Wireless and Mobile Computing
Towards Denial-of-Service-Resilient Key Agreement Protocols
ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Security Notions and Generic Constructions for Client Puzzles
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Stronger security of authenticated key exchange
ProvSec'07 Proceedings of the 1st international conference on Provable security
ASM-SPV: A Model Checker for Security Protocols
IIH-MSP '10 Proceedings of the 2010 Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing
Formal modelling and automatic detection of resource exhaustion attacks
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
On the security of public key protocols
IEEE Transactions on Information Theory
Hi-index | 0.00 |
Recently, people are paying more attention to formalizing and analyzing Denial of Service (DoS) attacks, but the known analysis models are either not precise enough or not readily used in an automatic way. In this paper, we make some improvements to the cost-based framework proposed by Meadows that aims to formalize DoS attacks. After improvement, the framework models intruders and protocols faithfully in CoreASM, and in a more accurate way in specification. Besides, the analysis can be performed automatically. In the improvements, a more flexible tolerance relation is defined so that the analysis result is in a broad form rather than merely binary as in previous works. Also, concrete values are used for representing the operational costs so as to make cost functions more precise and flexible in analysis. In this paper, the JFKi protocol is automatically analyzed as an indication of the advantages of the improvements. It explores the vulnerability that was previously found manually. The discussion on the JFKi protocol shows some difficulties in designing and analyzing DoS-resistent protocols.