The Community for Technology Leaders
RSS Icon
Subscribe
Toronto, ON
June 25, 2007 to June 27, 2007
ISBN: 0-7695-2837-3
pp: 25
Guoqiang Shu , Ohio State University
David Lee , Ohio State University
ABSTRACT
Security and reliability of network protocol implementations are essential for communication services. Most of the approaches for verifying security and reliability, such as formal validation and black-box testing, are limited to checking the specification or conformance of implementation. However, in practice, a protocol implementation may contain engineering details, which are not included in the system specification but may result in security flaws. We propose a new learning-based approach to systematically and automatically test protocol implementation security properties. Protocols are specified using Symbolic Parameterized Extended Finite State Machine (SP-EFSM) model, and an important security property - message confidentiality under the general Dolev-Yao attacker model - is investigated. The new testing approach applies black-box checking theory and a supervised learning algorithm to explore the structure of an implementation under test while simulating the teacher with a conformance test generation scheme. We present the testing procedure, analyze its complexity, and report experimental results.
INDEX TERMS
null
CITATION
Guoqiang Shu, David Lee, "Testing Security Properties of Protocol Implementations - a Machine Learning Based Approach", ICDCS, 2007, 27th International Conference on Distributed Computing Systems (ICDCS '07), 27th International Conference on Distributed Computing Systems (ICDCS '07) 2007, pp. 25, doi:10.1109/ICDCS.2007.147
12 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool