计算机工程 ›› 2012, Vol. 38 ›› Issue (9): 134-137.doi: 10.3969/j.issn.1000-3428.2012.09.040

• 安全技术 • 上一篇    下一篇

认证协议漏洞自动检测系统设计与实现

林 丽1a,关德君1b,徐 剑2a,钟 月2b   

  1. (1. 沈阳广播电视大学 a. 对外合作学院;b. 信息工程学院,沈阳 110003; 2. 东北大学 a. 软件学院;b. 中荷生物医学与信息工程学院,沈阳 110819)
  • 收稿日期:2012-01-12 出版日期:2012-05-05 发布日期:2012-05-05
  • 作者简介:林 丽(1979-),女,讲师、硕士研究生,主研方向:网络安全,智能网络;关德君,讲师、硕士研究生;徐 剑,讲师、博士研究生;钟 月,硕士研究生
  • 基金项目:
    辽宁省自然科学基金资助项目“基于人体健康监测的无线传感网络辐射水平评估与优化”(201102067)

Design and Implementation of Automatic Detection System for Authentication Protocol Loophole

LIN Li   1a, GUAN De-jun   1b, XU Jian   2a, ZHONG Yue   2b   

  1. (1a. External Cooperative College; 1b. College of Information Engineering, Shenyang Radio and Television University, Shenyang 110003, China; 2a. College of Software; 2b. Sino-Dutch Biomedical and Information Engineering School, Northeastern University, Shenyang 110819, China)
  • Received:2012-01-12 Online:2012-05-05 Published:2012-05-05

摘要: 从攻击者的角度出发,总结系统攻击的2个特性,设计一个协议漏洞自动检测系统。通过目标查找算法、可利用资源查找算法及协议漏洞查找算法,找到多种攻击认证协议的途径,由此发现协议存在的漏洞。对Needham-Schroeder、Neuman-Stubblebine和Otway-Rees协议的测试结果表明,该系统可正确检测协议漏洞,模拟攻击方式。

关键词: 认证协议, 漏洞查找, 自动检测, 可利用资源查找, 目标查找

Abstract: From the attacker’s point of view, this paper sums up two features of attack on system and designs an automatic detection system for authentication protocol loophole. By target lookup algorithm, available resource lookup algorithm and protocol vulnerabilities searching algorithm, it finds a variety of ways to attack the authentication protocol to discover loopholes in the protocol. Needham-Schroeder, Neuman-Stubblebine and Otway-Rees protocol are used to do tests, whose results show that the system can correctly detect the vulnerability of the protocol, and simulate the attack methods.

Key words: authentication protocol, loophole lookup, automatic detection, available resource lookup, object lookup

中图分类号: