crta
Hrvatska znanstvena Sekcija img
bibliografija
3 gif
 Naslovna
 O projektu
 FAQ
 Kontakt
4 gif
Pregledavanje radova
Jednostavno pretraživanje
Napredno pretraživanje
Skupni podaci
Upis novih radova
Upute
Ispravci prijavljenih radova
Ostale bibliografije
Slični projekti
 Bibliografske baze podataka

Pregled bibliografske jedinice broj: 997938

Zbornik radova

Autori: Urquiza, Abraão Aires; Alturki, Musab A.; Kanovich, Max; Ban Kirigin, Tajana; Nigam, Vivek; Scedrov, Andre; Talcott, Carolyn
Naslov: Resource-Bounded Intruders in Denial of Service Attacks
( Resource-Bounded Intruders in Denial of Service Attacks )
Izvornik: / S. Delaune and L. Jia, eds. (ur.). - IEEE Computer Society Press , 2019. 1-15.
Skup: 32nd IEEE Computer Security Foundations Symposium
Mjesto i datum: Hoboken, New Jersey, USA, 25-28.6.2019.
Ključne riječi: Denial of Serice Attacks, Multiset Rewriting, Security Protocols, Dolev-Yao Intruder, Computational Complexity
( Denial of Serice Attacks, Multiset Rewriting, Security Protocols, Dolev-Yao Intruder, Computational Complexity )
Sažetak:
Denial of Service (DoS) attacks have been a serious security concern, as no service is, in principle, protected against them. Although a Dolev-Yao intruder with unlimited resources can trivially render any service unavailable, DoS attacks do not necessarily have to be carried out by such (extremely) powerful intruders. It is useful in practice and more challenging for formal protocol verification to determine whether a service is vulnerable even to resource-bounded intruders that cannot generate or intercept arbitrary large volumes of traffic. This paper proposes a novel, more refined intruder model where the intruder can only consume at most some specified amount of resources in any given time window. Additionally, we propose protocol theories that may contain timeouts and specify service resource usage during protocol execution. In contrast to the existing resource-conscious protocol verification models, our model allows finer and more subtle analysis of DoS problems. We illustrate the power of our approach by representing a number of classes of DoS attacks, such as, Slow, Asymmetric and Amplification DoS attacks, exhausting different types of resources of the target, such as, number of workers, processing power, memory, and network bandwith. We show that the proposed DoS problem is undecidable in general and is PSPACE-complete for the class of resource- bounded, balanced systems. Finally, we implemented our formal verification model in the rewriting logic tool Maude and analyzed a number of DoS attacks in Maude using Rewriting Modulo SMT in an automated fashion.
Vrsta sudjelovanja: Predavanje
Vrsta prezentacije u zborniku: Cjeloviti rad (više od 1500 riječi)
Vrsta recenzije: Međunarodna recenzija
Izvorni jezik: eng
Kategorija: Znanstveni
Znanstvena područja:
Matematika,Računarstvo
Upisao u CROSBI: Tajana Ban Kirigin (bank@math.uniri.hr), 26. Tra. 2019. u 15:49 sati



Verzija za printanje   za tiskati


upomoc
foot_4