Title :
A Hybrid Vulnerability Analysis Method against Non-Security Protocols
Author :
Zhang, Yanmei ; Zhu, Jianming
Author_Institution :
Inf. Sch. of Central, Univ. of Finance & Econ., Beijing
Abstract :
A hybrid analysis method for protocol is proposed which combines the power of both manual and automatic methods. At first, it defines a number of attack goals and then studies how to achieve these goals by misusing the messages. An automatic analysis tool is applied in order to reach completeness based on the manual analysis. Some of the found attacks are excluded because of the low feasibility in the practical environment, and the other feasible attacks might be combined to launch more powerful compound attacks. Some vulnerability is found when applying the hybrid method to check mobile IPv6 protocol. The result shows the hybrid method is a systematic method with completeness guarantee. It fits for analyzing non-security protocols and finding the subtle vulnerability.
Keywords :
IP networks; Internet; mobile radio; telecommunication security; transport protocols; hybrid vulnerability analysis method; mobile IPv6 protocol; nonsecurity protocol; Access protocols; Computer crime; Degradation; Environmental economics; Finance; Information analysis; Performance analysis; Power generation economics; Security; Testing; Protocol analysis; mobile IPv6; non-security protocol; spoofing attack; vulnerability;
Conference_Titel :
Young Computer Scientists, 2008. ICYCS 2008. The 9th International Conference for
Conference_Location :
Hunan
Print_ISBN :
978-0-7695-3398-8
Electronic_ISBN :
978-0-7695-3398-8
DOI :
10.1109/ICYCS.2008.260
