An effective automatic detection system for multi-protocol attack

Since there exists multi-protocol attack when several security protocols are co-executed in a computer network, an automatic detection system for multi-protocol attack (ADMA) is proposed. The system is composed of two parts named protocol search subsystem and attack verification subsystem. According to the consistency condition of the type of encrypted messages between the target protocol and the secondary protocol, the protocol search subsystem can automatically search for the candidate secondary protocols, which may be used to attack the target protocol. By improving the SAT-based model checking, attack verification subsystem can automatically verify whether multi-protocol attack exists between the target protocol and the candidate secondary protocols or not. The experiment results show that ADMA system can implement automatic detection for multi-protocol attack, and some new multi-protocol attacks are found in the detection.

Project Supported:

Clc Number: