计算机工程 ›› 2010, Vol. 36 ›› Issue (06): 133-136.doi: 10.3969/j.issn.1000-3428.2010.06.045

• 安全技术 • 上一篇    下一篇

非安全协议脆弱性的混合分析方法

张艳梅,曹怀虎   

  1. (中央财经大学信息学院,北京 100081)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2010-03-20 发布日期:2010-03-20

Hybrid Analysis Method of Non-security Protocol Vulnerability

ZHANG Yan-mei, CAO Huai-hu

  

  1. (Information School, Central University of Finance and Economics, Beijing 100081)
  • Received:1900-01-01 Revised:1900-01-01 Online:2010-03-20 Published:2010-03-20

摘要: 针对手动方法对非安全协议分析过程中存在的不足,提出一种用于非安全协议的混合分析方法,并在手动分析的基础上,应用形式化自动工具分析协议的脆弱性。通过将该方法应用到移动IPv6协议,发现了新的脆弱性问题。仿真实验结果表明,该方法适合分析非安全协议,能够检查协议设计中的细微脆弱性问题,具有一定的系统性和较好的完备性。

关键词: 协议分析, 非安全协议, 脆弱性, 移动IPv6, 欺骗攻击

Abstract: Aiming at the weakness of manual analysis, this paper proposes a hybrid analysis method against protocol. An automatic analysis tool is applied based on the manual analysis in order to reach completeness. Some vulnerability is found when applying the hybrid method to check mobile IPv6 protocol. Simulational experiment results show that the hybrid method can analyze non-security protocols and find the subtle vulnerability, and it is a systematic method with completeness guarantee.

Key words: protocol analysis, non-security protocol, vulnerability, mobile IPv6, spoofing attack

中图分类号: