Abstract: Aiming at the weakness of manual analysis, this paper proposes a hybrid analysis method against protocol. An automatic analysis tool is applied based on the manual analysis in order to reach completeness. Some vulnerability is found when applying the hybrid method to check mobile IPv6 protocol. Simulational experiment results show that the hybrid method can analyze non-security protocols and find the subtle vulnerability, and it is a systematic method with completeness guarantee.

Key words: protocol analysis, non-security protocol, vulnerability, mobile IPv6, spoofing attack

摘要： 针对手动方法对非安全协议分析过程中存在的不足，提出一种用于非安全协议的混合分析方法，并在手动分析的基础上，应用形式化自动工具分析协议的脆弱性。通过将该方法应用到移动IPv6协议，发现了新的脆弱性问题。仿真实验结果表明，该方法适合分析非安全协议，能够检查协议设计中的细微脆弱性问题，具有一定的系统性和较好的完备性。

关键词: 协议分析, 非安全协议, 脆弱性, 移动IPv6, 欺骗攻击

CLC Number: 

• TP393