CATALOGO DEI PRODOTTI DELLA RICERCA

In security protocol analysis, the traditional choice to consider a single Dolev-Yao attacker is supported by the fact that models with multiple collaborating Dolev-Yao attackers have been shown to be reducible to models with one Dolev-Yao attacker. In this paper, we take a fundamentally different approach and investigate the case of multiple non-collaborating attackers. After formalizing the framework for multi-attacker scenarios, we show with a case study that concurrent competitive attacks can interfere with each other. We then present a new strategy to defend security protocols, based on active exploitation of attack interference. The paper can be seen as providing two proof-of-concept results: (i) it is possible to exploit interference to mitigate protocol vulnerabilities, thus providing a form of protection to protocols; (ii) the search for defense strategies requires scenarios with at least two attackers.

Attack Interference in Non-collaborative Scenarios for Security Protocol Analysis

FIAZZA, Maria Camilla;PEROLI, Michele;VIGANO', Luca

2011-01-01

Abstract

In security protocol analysis, the traditional choice to consider a single Dolev-Yao attacker is supported by the fact that models with multiple collaborating Dolev-Yao attackers have been shown to be reducible to models with one Dolev-Yao attacker. In this paper, we take a fundamentally different approach and investigate the case of multiple non-collaborating attackers. After formalizing the framework for multi-attacker scenarios, we show with a case study that concurrent competitive attacks can interfere with each other. We then present a new strategy to defend security protocols, based on active exploitation of attack interference. The paper can be seen as providing two proof-of-concept results: (i) it is possible to exploit interference to mitigate protocol vulnerabilities, thus providing a form of protection to protocols; (ii) the search for defense strategies requires scenarios with at least two attackers.

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno
	
				2011
			
	Lingua/e di pubblicazione
	
				Inglese
			
	Formato della pubblicazione
	
				ELETTRONICO
			
	Pubblicazione con Referee
	
				Sì, ma tipo non specificato
			
	Titolo del Convegno
	
				International Conference on Security and Cryptography, Secrypt 2011
			
	Luogo del Convegno
	
				Seville, Spain
			
	Periodo del Convegno
	
				Luglio 18-21, 2011
			
	Rilevanza del Convegno
	
				internazionale
			
	Titolo del libro
	
				SECRYPT 2011 - Proceedings of the International Conference on Security and Cryptography, Seville, Spain, 18 - 21 July, 2011, SECRYPT is part of ICETE - The International Joint Conference on e-Business and Telecommunications
			
	Autore degli atti
	
				Lopez Jorge; Samarati Pierangela
			
	Curatore degli atti
	
				Lopez Jorge; Samarati Pierangela
			
	Casa editrice degli atti
	
				SciTePress
			
	Codice ISBN degli atti del congresso
	
				9789898425713
			
	Pagina iniziale
	
				144
			
	Pagina finale
	
				156
			
	Numero di Pagine
	
				13
			
	Parole Chiave
	
				Security protocols; formal methods; attacker models; non-collaboration
			
	Fulltext
	
				none
			
	Tutti gli autori
	
						Fiazza, Maria Camilla; Peroli, Michele; Vigano', Luca
					
	Numero autori
	
				3
			
	Tipologia
	
				04 Contributo in atti di convegno::04.01 Contributo in atti di convegno
			
	Tipologia sito docente
	
				273
			
	Tipologia
	
				info:eu-repo/semantics/conferenceObject
			
	Appare nelle tipologie:
	
				04.01 Contributo in atti di convegno

File in questo prodotto:

Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11562/367606

Citazioni

ND

ND

ND

social impact