Title :
A Probabilistic Attacker Model for Quantitative Verification of DoS Security Threats
Author :
Basagiannis, Stylianos ; Katsaros, Panagiotis ; Pombortsis, Andrew ; Alexiou, Nikolaos
Author_Institution :
Dept. of Inf., Aristotle Univ. of Thessaloniki, Thessaloniki
fDate :
July 28 2008-Aug. 1 2008
Abstract :
This work introduces probabilistic model checking as a viable tool-assisted approach for systematically quantifying DoS security threats. The proposed analysis is based on a probabilistic attacker model implementing simultaneous N zombie participants, which subvert secure authentication features in communication protocols and electronic commerce systems. DoS threats are expressed as probabilistic reachability properties that are automatically verified through an appropriate Discrete Time Markov Chain representing the protocol participants and attacker models. The overall analysis takes place in a mature probabilistic model checking toolset called PRISM. We believe that the applied quantitative verification approach is a valuable means for comparing protocol implementations with alternative parameter choices, for optimal resistance to the analyzed threats.
Keywords :
Markov processes; discrete time systems; electronic commerce; message authentication; program verification; DoS security threats; PRISM; communication protocols; discrete time Markov chain; electronic commerce systems; probabilistic attacker model; probabilistic model checking; quantitative verification; secure authentication features; Application software; Authentication; Computer applications; Computer crime; Computer security; Costs; Hip; Performance analysis; Protocols; Software tools; Denial of Service; model checking; security;
Conference_Titel :
Computer Software and Applications, 2008. COMPSAC '08. 32nd Annual IEEE International
Conference_Location :
Turku
Print_ISBN :
978-0-7695-3262-2
Electronic_ISBN :
0730-3157
DOI :
10.1109/COMPSAC.2008.48