Netinfo Security ›› 2018, Vol. 18 ›› Issue (2): 61-70.doi: 10.3969/j.issn.1671-1122.2018.02.009

• Orginal Article • Previous Articles     Next Articles

Research on Attacker Modeling Method of Security Protocol Based on SPIN

Huifan YI1,2, Liang WAN1,2(), Nana HUANG1,2, Kunpeng WANG1,2   

  1. 1.College of Computer Science and Technology,Guizhou University, Guiyang Guizhou 550025, China
    2. Computer Software and Theoretical Research Institute, Guizhou University, Guiyang Guizhou 550025, China
  • Received:2017-11-20 Online:2018-02-20 Published:2020-05-11

Abstract:

Security protocol is the key to ensure network security, in the existing technical conditions, there are many methods to analyze the security of protocol, but the attacker modeling method is not efficient, resulting in lower detection and analysis efficiency of protocols. Formal method is a means to verify protocol, which can effectively analyze the loopholes in the design of verification protocol. As one of the formalized methods, model detection has the characteristics of simplicity, efficient and high degree of automation, the model detector SPIN has a powerful detection capability. This paper uses SPIN to study security protocol, proposes a more efficient method to verify the security protocol of attacker model, firstly, analyze the attacker's behavior, acquire the attacker's initial knowledge base, update the attacker's knowledge base according to the decomposition rule and the synthetic rule; secondly, formalize the Promela semantic model of each honest subject and the attacker; finally, the model checker SPIN is used for verification. The experimental results show that the proposed method can reduce the complexity of the model, greatly reduce the number of state of the model, effectively avoid the state space explosion, and improves the verification efficiency.

Key words: security protocol, formalized methods, network security, model detection, state space

CLC Number: