TY - GEN
T1 - Automatic vulnerability checking of IEEE 802.16 WiMAX protocols through TLA+
AU - Narayana, Prasad
AU - Chen, Ruiming
AU - Zhao, Yao
AU - Chen, Yan
AU - Fu, Zhi
AU - Zhou, Hai
PY - 2006
Y1 - 2006
N2 - Vulnerability analysis is indispensably the first step towards securing a network protocol, but currently remains mostly a best effort manual process with no completeness guarantee. Formal methods are proposed for vulnerability analysis and most existing work focus on security properties such as perfect forwarding secrecy and correctness of authentication. However, it remains unclear how to apply these methods to analyze more subtle vulnerabilities such as denial-of-service (DoS) attacks. To address this challenge, in this paper, we propose use of TLA+ to automatically check DoS vulnerability of network protocols with completeness guarantee. In particular, we develop new schemes to avoid state space explosion in property checking and to model attackers' capabilities for finding realistic attacks. As a case study, we successfully identify threats to IEEE 802.16 air interface protocols.
AB - Vulnerability analysis is indispensably the first step towards securing a network protocol, but currently remains mostly a best effort manual process with no completeness guarantee. Formal methods are proposed for vulnerability analysis and most existing work focus on security properties such as perfect forwarding secrecy and correctness of authentication. However, it remains unclear how to apply these methods to analyze more subtle vulnerabilities such as denial-of-service (DoS) attacks. To address this challenge, in this paper, we propose use of TLA+ to automatically check DoS vulnerability of network protocols with completeness guarantee. In particular, we develop new schemes to avoid state space explosion in property checking and to model attackers' capabilities for finding realistic attacks. As a case study, we successfully identify threats to IEEE 802.16 air interface protocols.
UR - http://www.scopus.com/inward/record.url?scp=46249123717&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=46249123717&partnerID=8YFLogxK
U2 - 10.1109/NPSEC.2006.320346
DO - 10.1109/NPSEC.2006.320346
M3 - Conference contribution
AN - SCOPUS:46249123717
SN - 1424407737
SN - 9781424407736
T3 - 2nd Workshop on Secure Network Protocols, NPSec
SP - 44
EP - 49
BT - 2nd Workshop on Secure Network Protocols, NPSec
T2 - 2006 2nd Workshop on Secure Network Protocols, NPSec
Y2 - 12 November 2006 through 12 November 2006
ER -