These are the slides to my first B.Sc. term paper- AVISPA, 2006.
These slides are presented to the
Department of Electrical Engineering and Information Sciences
of the Ruhr-University of Bochum
Chair of Network and Data Security
of the Ruhr-University of Bochum,
Horst-Görtz Institute,
Prof. Jörg Schwenk
Automated Validation of Internet Security Protocols and Applications (AVISPA) Krassen Deltchev
This is my first B.Sc. term paper, 2006. Back in the days my English was bad, which is obvious, while reading the paper, but i still love it, cuz this was my academic starting point on the topic of IT-Security. Enjoy!
This B.Sc. term paper is presented to the
Department of Electrical Engineering and Information Sciences
of the Ruhr-University of Bochum
Chair of Network and Data Security
of the Ruhr-University of Bochum,
Horst-Görtz Institute,
Prof. Jörg Schwenk
Abstract:
The AVISPA Model Checker is a tool for automated validation and verification of security
protocols. It provides a push-button web-based software- and hardware-independent interface and
installation binaries for UNIX-based Operating Systems.
It belongs to the group of the state-of-the-art Model Checkers and uses a modular and descriptive
formal language for specifying industrial-scale security protocols.
The different back-ends of the AVISPA tool implement new optimized analysing techniques for
automated protocol verification.
Therefore the researcher/scientist can prove even bigger in their specification protocols in a short
time and in a user-friendly way.
New cryptographic attacks are explored using the AVISPA tool and the Model-Checker covers
widest range of the modern authentication internet protocols, regarding their security validation.
Here is my B.Sc. thesis back in 2010. I should not consider this reading as up-to-date, but it's worth as basic start-up on the topic of Web Application Security. Please, note the two tables are meant as attachments to this paper. Your critics are welcome. Enjoy!
The thesis is presented to the
Department of Electrical Engineering and Information Sciences
of the Ruhr-University of Bochum
Chair of Network and Data Security
of the Ruhr-University of Bochum,
Horst-Görtz Institute,
Prof. Jörg Schwenk
Here's the abstract:
The presented thesis in this paper is another discussion on the problem or problem-
complex: What is Web 2.0? How it works? Is it vulnerable to its security scope? How can
one utilize and share Web 2.0, knowing in this interactive collaboration, how to protect
himself?
In this bachelor work the reader will find history information, discussion on the evolu-
tion of the Web standards and most common Web 2.0 attacking classes. Two examples of
important Web 2.0 attacking vectors shall be discussed in depth, in such manner as an ana-
lysis and examples on the attacking techniques, deliberation on the trends in attack preven-
tion methods, discussion on the tools according to these.
This paper should give a good classification on the proposed examples of Web 2.0 at-
tacks, make a conclusion on behalf of the Life Cycle and security standards for the modern
Web 2.0 implementations, and perhaps offer some interesting proposals.
a performance analysis of generalized key scheme block cipher (gksbc) algorit...INFOGAIN PUBLICATION
Information is a commodity. Information has economic value and production of it incurs cost. Securing the information is posing a considerable challenge. The cryptographic technology plays a leading role in securing the owners right on produced information. A continuous development of new encryption systems are necessitated with the advancement in security and efficiency needs. Cryptanalytic studies have demonstrated the superior capability of recently developed Generalized Key Scheme Block Cipher (GKSBC) algorithm in terms of stability, execution time and encryption quality compared to standard security algorithms. This paper proposes to evaluate the enduring capacity of GKSBC to various cryptanalytic attacks viz., Brute – Force Attack, Differential Cryptanalysis, Integral Cryptanalysis, Linear Cryptanalysis and Rectangle attack. None of the traditional attacks are designed to decrypt GKSBC encryption as the use of key scheme is different in it and therefore robust to the conventional cryptanalytic attacks.
RMAC – A LIGHTWEIGHT AUTHENTICATION PROTOCOL FOR HIGHLY CONSTRAINED IOT DEVICESijcisjournal
Nowadays, highly constrained IoT devices have earned an important place in our everyday lives. These devices mainly comprise RFID (Radio-Frequency Identification) or WSN (Wireless Sensor Networks) components. Their adoption is growing in areas where data security or privacy or both must be guaranteed. Therefore, it is necessary to develop appropriate security solutions for these systems. Many papers have proposed solutions for encryption or authentication. But it turns out that sometimes the proposal has security flaw or is ill-suited for the constrained IoT devices (which has very limited processing and storage capacities).In this paper, we introduce a new authentication protocol inspired by Mirror-Mac (MM) which is a generic construction of authentication protocol proposed by Mol et al. Our proposal named RMAC is well suited for highly constrained IoT devices since its implementation uses simple and lightweight algorithms. We also prove that RMAC is at least as secure as the MM protocol and thus secure against man-in-the-middle attacks.
ANALYSIS OF THE SECURITY OF BB84 BY MODEL CHECKINGIJNSA Journal
Quantum Cryptography or Quantum key distribution (QKD) is a technique that allows the secure distribution of a bit string, used as key in cryptographic protocols. When it was noted that quantum computers could break public key cryptosystems based on number theory extensive studies have been undertaken on QKD. Based on quantum mechanics, QKD offers unconditionally secure communication. Now, the progress of research in this field allows the anticipation of QKD to be available outside of laboratories within the next few years. Efforts are made to improve the performance and reliability of the implemented technologies. But several challenges remain despite this big progress. The task of how to test the apparatuses of QKD For example did not yet receive enough attention. These devises become complex and demand a big verification effort. In this paper we are interested in an approach based on the technique of probabilistic model checking for studying quantum information. Precisely, we use the PRISM tool to analyze the security of BB84 protocol and we are focused on the specific security property
of eavesdropping detection. We show that this property is affected by the parameters of quantum channel and the power of eavesdropper.
Automated Validation of Internet Security Protocols and Applications (AVISPA) Krassen Deltchev
This is my first B.Sc. term paper, 2006. Back in the days my English was bad, which is obvious, while reading the paper, but i still love it, cuz this was my academic starting point on the topic of IT-Security. Enjoy!
This B.Sc. term paper is presented to the
Department of Electrical Engineering and Information Sciences
of the Ruhr-University of Bochum
Chair of Network and Data Security
of the Ruhr-University of Bochum,
Horst-Görtz Institute,
Prof. Jörg Schwenk
Abstract:
The AVISPA Model Checker is a tool for automated validation and verification of security
protocols. It provides a push-button web-based software- and hardware-independent interface and
installation binaries for UNIX-based Operating Systems.
It belongs to the group of the state-of-the-art Model Checkers and uses a modular and descriptive
formal language for specifying industrial-scale security protocols.
The different back-ends of the AVISPA tool implement new optimized analysing techniques for
automated protocol verification.
Therefore the researcher/scientist can prove even bigger in their specification protocols in a short
time and in a user-friendly way.
New cryptographic attacks are explored using the AVISPA tool and the Model-Checker covers
widest range of the modern authentication internet protocols, regarding their security validation.
Here is my B.Sc. thesis back in 2010. I should not consider this reading as up-to-date, but it's worth as basic start-up on the topic of Web Application Security. Please, note the two tables are meant as attachments to this paper. Your critics are welcome. Enjoy!
The thesis is presented to the
Department of Electrical Engineering and Information Sciences
of the Ruhr-University of Bochum
Chair of Network and Data Security
of the Ruhr-University of Bochum,
Horst-Görtz Institute,
Prof. Jörg Schwenk
Here's the abstract:
The presented thesis in this paper is another discussion on the problem or problem-
complex: What is Web 2.0? How it works? Is it vulnerable to its security scope? How can
one utilize and share Web 2.0, knowing in this interactive collaboration, how to protect
himself?
In this bachelor work the reader will find history information, discussion on the evolu-
tion of the Web standards and most common Web 2.0 attacking classes. Two examples of
important Web 2.0 attacking vectors shall be discussed in depth, in such manner as an ana-
lysis and examples on the attacking techniques, deliberation on the trends in attack preven-
tion methods, discussion on the tools according to these.
This paper should give a good classification on the proposed examples of Web 2.0 at-
tacks, make a conclusion on behalf of the Life Cycle and security standards for the modern
Web 2.0 implementations, and perhaps offer some interesting proposals.
a performance analysis of generalized key scheme block cipher (gksbc) algorit...INFOGAIN PUBLICATION
Information is a commodity. Information has economic value and production of it incurs cost. Securing the information is posing a considerable challenge. The cryptographic technology plays a leading role in securing the owners right on produced information. A continuous development of new encryption systems are necessitated with the advancement in security and efficiency needs. Cryptanalytic studies have demonstrated the superior capability of recently developed Generalized Key Scheme Block Cipher (GKSBC) algorithm in terms of stability, execution time and encryption quality compared to standard security algorithms. This paper proposes to evaluate the enduring capacity of GKSBC to various cryptanalytic attacks viz., Brute – Force Attack, Differential Cryptanalysis, Integral Cryptanalysis, Linear Cryptanalysis and Rectangle attack. None of the traditional attacks are designed to decrypt GKSBC encryption as the use of key scheme is different in it and therefore robust to the conventional cryptanalytic attacks.
RMAC – A LIGHTWEIGHT AUTHENTICATION PROTOCOL FOR HIGHLY CONSTRAINED IOT DEVICESijcisjournal
Nowadays, highly constrained IoT devices have earned an important place in our everyday lives. These devices mainly comprise RFID (Radio-Frequency Identification) or WSN (Wireless Sensor Networks) components. Their adoption is growing in areas where data security or privacy or both must be guaranteed. Therefore, it is necessary to develop appropriate security solutions for these systems. Many papers have proposed solutions for encryption or authentication. But it turns out that sometimes the proposal has security flaw or is ill-suited for the constrained IoT devices (which has very limited processing and storage capacities).In this paper, we introduce a new authentication protocol inspired by Mirror-Mac (MM) which is a generic construction of authentication protocol proposed by Mol et al. Our proposal named RMAC is well suited for highly constrained IoT devices since its implementation uses simple and lightweight algorithms. We also prove that RMAC is at least as secure as the MM protocol and thus secure against man-in-the-middle attacks.
ANALYSIS OF THE SECURITY OF BB84 BY MODEL CHECKINGIJNSA Journal
Quantum Cryptography or Quantum key distribution (QKD) is a technique that allows the secure distribution of a bit string, used as key in cryptographic protocols. When it was noted that quantum computers could break public key cryptosystems based on number theory extensive studies have been undertaken on QKD. Based on quantum mechanics, QKD offers unconditionally secure communication. Now, the progress of research in this field allows the anticipation of QKD to be available outside of laboratories within the next few years. Efforts are made to improve the performance and reliability of the implemented technologies. But several challenges remain despite this big progress. The task of how to test the apparatuses of QKD For example did not yet receive enough attention. These devises become complex and demand a big verification effort. In this paper we are interested in an approach based on the technique of probabilistic model checking for studying quantum information. Precisely, we use the PRISM tool to analyze the security of BB84 protocol and we are focused on the specific security property
of eavesdropping detection. We show that this property is affected by the parameters of quantum channel and the power of eavesdropper.
An Efficient privacy preserving for Mobile and Pervasive Computinginventionjournals
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
A Modified Technique For Performing Data Encryption & Data DecryptionIJERA Editor
In this age of universal electronic connectivity of viruses and hackers of electronic eavesdropping and electronic fraud, there is indeed needed to store the information securely. This, in turn, led to a heightened awareness to protect data and resources from disclosure, to guarantee the authenticity of data and messages and to protect systems from network-based attacks. Information security via encryption decryption techniques is a very popular research area for many people’s over the years. This paper elaborates the basic concept of the cryptography, specially public and private cryptography. It also contains a review of some popular encryption decryption algorithms. A modified method is also proposed. This method is fast in comparison to the existing methods.
Outsourced kp abe with chosen ciphertext securitycsandit
Key-Policy Attribute Based Encryption (KP-ABE) has always been criticized for its inefficiency
drawbacks. Based on the cloud computing technology, computation outsourcing is one of the
effective solution to this problem. Some papers have proposed their schemes; however,
adversaries in their attack models were divided into two categories and they are assumed not to
communicate with each other, which is obviously unrealistic. In this paper, we first proved there
exist severe security vulnerabilities in these schemes for such an assumption, and then proposed
a security enhanced Chosen Ciphertext Attack (SE-CCA) model, which eliminates the improper
limitations. By utilizing Proxy Re-Encryption (PRE) and one-time signature technology, we also
constructed a concrete KP-ABE outsourcing scheme (O-KP-ABE) and proved its security under
SE-CCA model. Comparisons with existing schemes show that our constructions have obvious
comprehensive advantages in security and efficiency.
International Journal of Engineering Research and Applications (IJERA) is a team of researchers not publication services or private publications running the journals for monetary benefits, we are association of scientists and academia who focus only on supporting authors who want to publish their work. The articles published in our journal can be accessed online, all the articles will be archived for real time access.
Our journal system primarily aims to bring out the research talent and the works done by sciaentists, academia, engineers, practitioners, scholars, post graduate students of engineering and science. This journal aims to cover the scientific research in a broader sense and not publishing a niche area of research facilitating researchers from various verticals to publish their papers. It is also aimed to provide a platform for the researchers to publish in a shorter of time, enabling them to continue further All articles published are freely available to scientific researchers in the Government agencies,educators and the general public. We are taking serious efforts to promote our journal across the globe in various ways, we are sure that our journal will act as a scientific platform for all researchers to publish their works online.
RSA is one of the most popular Public Key Cryptography based algorithm mainly used for digital
signatures, encryption/decryption etc. It is based on the mathematical scheme of factorization of very large
integers which is a compute-intensive process and takes very long time as well as power to perform.
Several scientists are working throughout the world to increase the speedup and to decrease the power
consumption of RSA algorithm while keeping the security of the algorithm intact. One popular technique
which can be used to enhance the performance of RSA is parallel programming. In this paper we are
presenting the survey of various parallel implementations of RSA algorithm involving variety of hardware
and software implementations.
A Survey on Comparisons of Cryptographic Algorithms Using Certain Parameters ...IJECEIAES
he Wireless Sensor Networks (WSNs) have spread its roots in almost every application. Owing to their scattered nature of sensor nodes, they are more prone to attacks. There are certain applications e.g. military, where sensor data‟s confidentiality requirement during transmission is essential. Cryptography has a vital role for achieving security in WSNs.WSN has resource constraints like memory size, processing speed and energy consumption which bounds the applicability of existing cryptographic algorithms for WSN. Any good security algorithms has higher energy consumption by the nodes, so it‟s a need to choose most energy-efficient cryptographic encryption algorithms for WSNs. This paper surveys different asymmetric algorithms such as RSA, Diffie-Hellman, DSA, ECC, hybrid and DNA cryptography. These algorithms are compared based on their key size, strength, weakness, attacks and possible countermeasures in the form of table.
Creation of smart spaces and scaling of devices to achieve miniaturization in pervasive computing environments has put forth a question on the degree of security of such devices. Security being a unique challenge in such environments, solution demands scalability, access control, heterogeneity, trust. Most of the existing cryptographic solutions widely in use rely on the hardness of factorization and number theory
problems. With the increase in cryptanalytic attacks these schemes will soon become insecure. We need an alternate security mechanism which is as hard as the existing number theoretic approaches. In this work, we discuss the aspects of Lattice based cryptography as a new dimension of providing security whose strength lies in the hardness of lattice problems. We discuss about a cryptosystem whose security relies on high lattice dimension.
Modified AODV Algorithm using Data Mining Process: Classification and Clusteringidescitation
Security of Wireless Ad hoc network has a primary
concern to provide protected communication between mobile
nodes. When we routing some packet it can use both malicious
node or authenticate node for forwarding and receiving data.
Malicious node can attack like black hole, misuse of data or
hacked information. Our aim is to discuss the feasibility of
monitoring the node of different networks, to analyze it for
providing better security in AODV routing protocol. We
implement data mining techniques for search large amount
of data according characteristic rules and patterns to detect
malicious node. We have used growing neural gas (GNS)
clustering algorithm to make clusters and analysis data. Using
soft computing technique we find patterns, analysis node and
take decision based on decision tree.
Quantum Key Distribution (QKD) and Commodity Security Protocols: Introduction...IJNSA Journal
We present an overview of quantum key distribution (QKD), a secure key exchange method based on the quantum laws of physics rather than computational complexity. We also provide an overview of the two most widely used commodity security protocols, IPsec and TLS. Pursuing a key exchange model, we propose how QKD could be integrated into these security applications. For such a QKD integration we propose a support layer that provides a set of common QKD services between the QKD protocol and the security applications.
A Lightweight Secure Scheme for Detecting Provenance Forgery and Packet Drop ...1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
Hunting for APT in network logs workshop presentationOlehLevytskyi1
Nonamecon 2021 presentation.
Network logs are one of the most efficient sources to hunt adversaries, but building good analytics capabilities require a deep understanding of benign activity and attacker behavior. This training focuses on detecting real-case attacks, tools and scenarios by the past year.
The training is highly interactive and retains a good balance between theory and a lot of hands-on exercises for the students to get used to the detection engineering methodology and prepare them to start implementing this at their organizations.
Presentation topics:
- Netflow Mitre Matrix view
- Full packet captures vs Netflow
- Zeek
- Zeek packages
- RDP initial comprometation
- Empire Powershell and CobaltStrike or what to expect after initial loader execution.
- Empire powershell initial connection
- Beaconing. RITA
- Scanning detection
- Internal enumeration detection
- Lateral movement techniques widely used
- Kerberos attacks
- PSExec and fileless ways of delivering payloads in the network
- Zerologon detection
- Data exfiltration
- Data exfiltration over C2 channel
- Data exfiltration using time size limits (data chunks)
- DNS exfiltration
- Detecting ransomware in your network
- Real incident investigation
Authors:
Oleh Levytskyi (https://twitter.com/LeOleg97)
Bogdan Vennyk (https://twitter.com/bogdanvennyk)
An Efficient privacy preserving for Mobile and Pervasive Computinginventionjournals
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
A Modified Technique For Performing Data Encryption & Data DecryptionIJERA Editor
In this age of universal electronic connectivity of viruses and hackers of electronic eavesdropping and electronic fraud, there is indeed needed to store the information securely. This, in turn, led to a heightened awareness to protect data and resources from disclosure, to guarantee the authenticity of data and messages and to protect systems from network-based attacks. Information security via encryption decryption techniques is a very popular research area for many people’s over the years. This paper elaborates the basic concept of the cryptography, specially public and private cryptography. It also contains a review of some popular encryption decryption algorithms. A modified method is also proposed. This method is fast in comparison to the existing methods.
Outsourced kp abe with chosen ciphertext securitycsandit
Key-Policy Attribute Based Encryption (KP-ABE) has always been criticized for its inefficiency
drawbacks. Based on the cloud computing technology, computation outsourcing is one of the
effective solution to this problem. Some papers have proposed their schemes; however,
adversaries in their attack models were divided into two categories and they are assumed not to
communicate with each other, which is obviously unrealistic. In this paper, we first proved there
exist severe security vulnerabilities in these schemes for such an assumption, and then proposed
a security enhanced Chosen Ciphertext Attack (SE-CCA) model, which eliminates the improper
limitations. By utilizing Proxy Re-Encryption (PRE) and one-time signature technology, we also
constructed a concrete KP-ABE outsourcing scheme (O-KP-ABE) and proved its security under
SE-CCA model. Comparisons with existing schemes show that our constructions have obvious
comprehensive advantages in security and efficiency.
International Journal of Engineering Research and Applications (IJERA) is a team of researchers not publication services or private publications running the journals for monetary benefits, we are association of scientists and academia who focus only on supporting authors who want to publish their work. The articles published in our journal can be accessed online, all the articles will be archived for real time access.
Our journal system primarily aims to bring out the research talent and the works done by sciaentists, academia, engineers, practitioners, scholars, post graduate students of engineering and science. This journal aims to cover the scientific research in a broader sense and not publishing a niche area of research facilitating researchers from various verticals to publish their papers. It is also aimed to provide a platform for the researchers to publish in a shorter of time, enabling them to continue further All articles published are freely available to scientific researchers in the Government agencies,educators and the general public. We are taking serious efforts to promote our journal across the globe in various ways, we are sure that our journal will act as a scientific platform for all researchers to publish their works online.
RSA is one of the most popular Public Key Cryptography based algorithm mainly used for digital
signatures, encryption/decryption etc. It is based on the mathematical scheme of factorization of very large
integers which is a compute-intensive process and takes very long time as well as power to perform.
Several scientists are working throughout the world to increase the speedup and to decrease the power
consumption of RSA algorithm while keeping the security of the algorithm intact. One popular technique
which can be used to enhance the performance of RSA is parallel programming. In this paper we are
presenting the survey of various parallel implementations of RSA algorithm involving variety of hardware
and software implementations.
A Survey on Comparisons of Cryptographic Algorithms Using Certain Parameters ...IJECEIAES
he Wireless Sensor Networks (WSNs) have spread its roots in almost every application. Owing to their scattered nature of sensor nodes, they are more prone to attacks. There are certain applications e.g. military, where sensor data‟s confidentiality requirement during transmission is essential. Cryptography has a vital role for achieving security in WSNs.WSN has resource constraints like memory size, processing speed and energy consumption which bounds the applicability of existing cryptographic algorithms for WSN. Any good security algorithms has higher energy consumption by the nodes, so it‟s a need to choose most energy-efficient cryptographic encryption algorithms for WSNs. This paper surveys different asymmetric algorithms such as RSA, Diffie-Hellman, DSA, ECC, hybrid and DNA cryptography. These algorithms are compared based on their key size, strength, weakness, attacks and possible countermeasures in the form of table.
Creation of smart spaces and scaling of devices to achieve miniaturization in pervasive computing environments has put forth a question on the degree of security of such devices. Security being a unique challenge in such environments, solution demands scalability, access control, heterogeneity, trust. Most of the existing cryptographic solutions widely in use rely on the hardness of factorization and number theory
problems. With the increase in cryptanalytic attacks these schemes will soon become insecure. We need an alternate security mechanism which is as hard as the existing number theoretic approaches. In this work, we discuss the aspects of Lattice based cryptography as a new dimension of providing security whose strength lies in the hardness of lattice problems. We discuss about a cryptosystem whose security relies on high lattice dimension.
Modified AODV Algorithm using Data Mining Process: Classification and Clusteringidescitation
Security of Wireless Ad hoc network has a primary
concern to provide protected communication between mobile
nodes. When we routing some packet it can use both malicious
node or authenticate node for forwarding and receiving data.
Malicious node can attack like black hole, misuse of data or
hacked information. Our aim is to discuss the feasibility of
monitoring the node of different networks, to analyze it for
providing better security in AODV routing protocol. We
implement data mining techniques for search large amount
of data according characteristic rules and patterns to detect
malicious node. We have used growing neural gas (GNS)
clustering algorithm to make clusters and analysis data. Using
soft computing technique we find patterns, analysis node and
take decision based on decision tree.
Quantum Key Distribution (QKD) and Commodity Security Protocols: Introduction...IJNSA Journal
We present an overview of quantum key distribution (QKD), a secure key exchange method based on the quantum laws of physics rather than computational complexity. We also provide an overview of the two most widely used commodity security protocols, IPsec and TLS. Pursuing a key exchange model, we propose how QKD could be integrated into these security applications. For such a QKD integration we propose a support layer that provides a set of common QKD services between the QKD protocol and the security applications.
A Lightweight Secure Scheme for Detecting Provenance Forgery and Packet Drop ...1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
Hunting for APT in network logs workshop presentationOlehLevytskyi1
Nonamecon 2021 presentation.
Network logs are one of the most efficient sources to hunt adversaries, but building good analytics capabilities require a deep understanding of benign activity and attacker behavior. This training focuses on detecting real-case attacks, tools and scenarios by the past year.
The training is highly interactive and retains a good balance between theory and a lot of hands-on exercises for the students to get used to the detection engineering methodology and prepare them to start implementing this at their organizations.
Presentation topics:
- Netflow Mitre Matrix view
- Full packet captures vs Netflow
- Zeek
- Zeek packages
- RDP initial comprometation
- Empire Powershell and CobaltStrike or what to expect after initial loader execution.
- Empire powershell initial connection
- Beaconing. RITA
- Scanning detection
- Internal enumeration detection
- Lateral movement techniques widely used
- Kerberos attacks
- PSExec and fileless ways of delivering payloads in the network
- Zerologon detection
- Data exfiltration
- Data exfiltration over C2 channel
- Data exfiltration using time size limits (data chunks)
- DNS exfiltration
- Detecting ransomware in your network
- Real incident investigation
Authors:
Oleh Levytskyi (https://twitter.com/LeOleg97)
Bogdan Vennyk (https://twitter.com/bogdanvennyk)
I am pursuing Master's degree in Electrical Engineering with Computer Networks as my specialization in San Jose State University. I am actively searching for internships/Full-time opportunities in the field of networking.
Certifications : CCNA
• Have good hands on experience on Cisco devices using GNS3 platform and Cisco Packet tracer(Virtual lab)
• Strong Hands-on experience on network troubleshooting
• Strong understanding of several dynamic protocols like BGP, OSPF, RIP.
• Expertise is working with scenarios including VLANs, DHCP.
• Maintain security of the systems preventing from DDoS attaks and IP hijacking.
• Linux Essentials, System maintenance and administration.
• Fluency in Linux/Unix administration and troubleshooting, Apache Tomcat, RAID, Boot process, Linux internals.
• Very good understanding and hands on experience on networking concepts like TCP/IP, IPV4/IPV6, DNS, MPLS, VoIP, STP, IGMP
• Well-developed skills in providing technical solutions based on IPSec VPN Planning, designing deploying and supporting Firewalls and troubleshooting complex problems.
• Have good knowledge in Clustering and VRRP.
• Have good knowledge of scripting languages like Python.
Security and Usability: Designing Security Tooling That Roboticists Can UseRuffin White
Security and usability are often paradoxically portrayed as a zero-sum trade off, particularly in traditional computing; where favor of one is assumed to the detriment of the other. Yet the truth is often more nuance; especially so for cyber physical systems. In many regards, security and usability in robotics are intertwined, and should instead be thought of as a positive-sum game; where the deficiency of one aspect may deprive potential from the other. This talk will focus on how to improve the security for robotic systems by improving the usability of SROS2 tooling, and by extension the development and verification processes adopted by ROS users.
Presentation given at the 2017 LinuxCon China
With the booming of Container technology, it brings obvious advantages for cloud: simple and faster deployment, portability and lightweight cost. But the networking challenges are significant. Users need to restructure their network and support container deployment with current cloud framework, like container and VMs.
In this presentation, we will introduce new container networking solution, which provides one management framework to work with different network componenets through Open/friendly modelling mechnism. iCAN can simplify network deployment and management with most orchestration systems and a variety of data plane components, and design extendsible architect to define and validate Service Level Agreement(SLA) for cloud native applications, which is important factor for enterprise to deliver successful and stable service via containers.
Performance of Group Key Agreement Protocols( Theory) Krassen Deltchev
Here is another M.Sc. term apper of mine, covering the topic of Group Key Agreement Protocols on Wireless Mesh Networks.
This M.Sc. term paper is presented to the
Department of Electrical Engineering and Information Sciences
of the Ruhr-University of Bochum
Chair of Network and Data Security
of the Ruhr-University of Bochum,
Horst-Görtz Institute,
Prof. Jörg Schwenk
Abstract:
Nowadays networking is more than implementing static wired network infrastructure. The
utilisation of wireless agile network constructs, represents a well established build-up on the “old
world” and in some cases the only feasible solution. Therefore the aspects, concerning the
dynamics, stability, security and performance issues of such “new world” networks are still of great
interest of the researchers. An important approach to represent an appropriate security level of
dynamic wireless networks is utilised via Group Key Agreement Protocols. In most cases, the
reader can find information, regarding these protocols, in literature, concerning Mobile Ad-Hoc
Networks. Though, there are not enough publications on the topic of Group Key Agreement
Protocols[GKAPs] for Wireless Mesh Networks[WMN], moreover on the performance issues of
their utilisation. We shall consider this as a exciting challenge for research on the topic of
Distributed Key Agreement Protocols.
The current term paper should represent a discussion over the security aspects of WMN, the
performance of Group Key Agreement Protocols for Wireless Mesh Networks, represent methods,
concerning these performance aspects and illustrate the GKAPs by means of their classification.
XAdES Specification based on the Apache XMLSec Project Krassen Deltchev
This B.Sc. project thesis is presented to the
Department of Electrical Engineering and Information Sciences
of the Ruhr-University of Bochum
Chair of Network and Data Security
of the Ruhr-University of Bochum,
Horst-Görtz Institute,
Prof. Jörg Schwenk
Abstract:
XML Advanced Electronic Signature (XAdES) provides basic authentication and integrity protection, and
satisfies the legal requirements for advanced electronic signatures.There are several implementations of
XAdES, but most of them are not OpenSource, or are partialy proprietary software. Great project concerned
with Digital Electronic Signatures is the OpenSource Apache XML Security Project. For the developer and
common user there is an implementation for the XMLDSIG specification, but still no one for XAdES.
The free source code implemetations of XAdES threat this project as a separate one and there is no interface,
which can explicit assemble them into the Apache XML Sec. That’s why, the scope of our project is to create
a library, that implements XAdES into the OpenSource Apache XML Security- to extend its functionality
and level of security, so using the Apache XML Sec, gives the opportunity to handle Advanced Electronic
Signatures, which is a standard of security nowadays.
The library is developed in Java, because shouldn’t be any kind of OS platform - dependencies, using it as a
plug-in to the Security Project of Apache.
More detailed, to validate the signing and verifying of signatures, and also test our code, we use the text-
based test suite of JUnit.
This classification matters the evolution of SQL injection attacks up to 2010. Here is no refernce to new attacks on WebSQl etc. It ist meant as attachment to my B.Sc. thesis from 2010.
The thesis is presented to the
Department of Electrical Engineering and Information Sciences
of the Ruhr-University of Bochum
Chair of Network and Data Security
of the Ruhr-University of Bochum,
Horst-Görtz Institute,
Prof. Jörg Schwenk
The topic, covering Web Application Forensics is challenging. There are not enough references,
discussing this subject, especially in the Scientific communities. Often is the the term 'Web
Application Forensics' misunderstood and mixed with IDS/ IPS defensive security approaches.
Another issue is to discern the Web Application Forensics, short Webapp Forensics, from Network
Forensics and Web Services Forensics, and in general to allocate it in the Digital/ Computer
Forensics classification.
Nowadays, Web Platforms are vastly growing, not to mention the so called Web 2.0 hype.
Furthermore, Business Web Applications blast the common security knowledge and premise rapid
inventory of the current security best practices and approaches. The questions, concerning the
automation of the security defensive and investigation methods, are becoming undeniable
important.
In this paper we should try to dispute the questions, concerning taxonomic approaches regarding the
Webapp Forensics; discuss trends, referenced to this topic and debate the matter of automation tools
for Webapp forensics.
Presentation to the M.Sc. project thesis:
DOM-based XSS to the
Chair of Network and Data Security,
RUB, HGI
Prof. Jörg Schwenk
The paper will be soon available- after the attestation.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Quantum Computing: Current Landscape and the Future Role of APIs
Automated Validation of Internet Security Protocols and Applications (AVISPA) , slides
1. Automated Validation
of
Internet Security Protocols and Applications (AVISPA)
University of Bochum
Krassen Deltchev
2. The Problem
Requirements on Internet Security Protocols
complex
sophisticated
Analyze of Protocols by hand
error-prone
incomplete
time-consuming
2
12.07.2006 Automated Validation of Internet Security Protocols and A
2
3. Formal Methods for Security Protocol Analysis
Computational Models
Formal Models
Logic-based (e.g., BAN Logic [BAN89] )
Algebraic-based (e.g., NRL Protocol Analyser)
Inductive Proofs (Lawrence C. Paulson)
Model Checking (e.g., AVISPA OFMC)
Finite-State machines
Constraint-based
3
12.07.2006 Automated Validation of Internet Security Protocols and A
3
4. Theoretical approaches : Dolev-Yao Intruder Model
The Dolev-Yao intruder [DY83]
Intruder has full controll over the network
Intruder can play role(s) of (normal) principals
Intruder cannot break cryptography
Unsatifying:
naively enumerates all intruder‘s messages
leads to enormous branching of the search tree
Standard Dolev-Yao abstraction lacks
cryptographic justification
Some Security Protocols secure in Dolev-Yao
model, become insecure using some provable crypto-
primitives
4
12.07.2006 Automated Validation of Internet Security Protocols and A
4
5. Theoretical approaches: Methodology
Model Checkers:
General:
System behaviour, modelled as a (finite) state transition system
System properties, expressed by state satisfaction relations
State space exploration – attack trace
Safety properties:
Safety: check, that certain undesirable properties never occur
Liveness: check, that certain desirable propertis do eventually
occur
Verify effective at finding flaws:
No guarantee for correctness due to ‚artificial‘ finite bounds
Problem can be probably solved by infinity-state model
checking; based on symbolic methods and abstractions
5
12.07.2006 Automated Validation of Internet Security Protocols and A
5
6. Model checkers: Example Implementations
Maude
Not exclusively a security protocol model checker
Instead of, it is an executable specification language, which
is based on rewriting logic
Hermes
check secrecy properties of protocols
Tested on 15 of the Clark/Jacob library [CJ97]
Finds attacks on 6 of 8 protocols
AVISPA
Uses two languages for protocol specification
Tested on 46 of 51 protocols of Clark/Jacob library
Finds attacks on all 32 of the 46 tested protocols
6
12.07.2006 Automated Validation of Internet Security Protocols and A
6
7. AVISPA
Automated Validation of Internet Security Protocols and Applications
Developement of automatic analysis
techniques, based on Model Checking
Provide tools, capable to solve industrial
problems
Compatible to common operating systems
Web-based Platform independent realisation
see, http://avispa-project.org/
7
12.07.2006 Automated Validation of Internet Security Protocols and A
7
8. AVISPA: Architecture
HLPSL: High Level Protocol
Specification Language
HLPSL2IF: Translator to IF
Format
IF: The Intermediate Format
Language
Translator to Subtools
OFMC (On-The-Fly-Model-
Checker) [MVO05]
ATSE (CL-based attack
searcher)
SATMC (SAT-based Model
checker)
TA4SP(Tree Automata-
based Protocol Analyser)
OF: The output format
8
12.07.2006 Automated Validation of Internet Security Protocols and A
8
9. HLPSL
High Level Protocol Specification Language
Specification
knowledge required of each agent,
participating in the protocol
knowledge and abilities of the intruder
sequence of messages, required by the
protocol
set of sessions (or instantiations) of the
protocol
9
12.07.2006 Automated Validation of Internet Security Protocols and A
9
10. IF
Intermediate Format Specification Language
Protocol modelled as a
transition system
States:local states of honest
agents and current knowledge
of the intruder
Transitions:actions of the
honest agents and the
intruder
Security properties:attack
predicate on states
The .if file contains protocol-
independent
declarations( operator
symbols,algebraic
properties,intruder model )
10
12.07.2006 Automated Validation of Internet Security Protocols and A
10
11. Lazy Intruder Model
represents optimisation search technique
without excluding any attacks [BMV04]
exploits the fact, that certain
parts of the intruder‘s messages are irrelevant
for the receiver
Data constructors build data without
evaluating their arguments
Allow one to represent and compute with
infinite data (e.g., streams or infinite
trees), generating arbitrary prefixes of data on
demand
11
12.07.2006 Automated Validation of Internet Security Protocols and A
11
12. HLPSL on SSL/TLS: TLS Handshake
Basic Role: alice (Client A)
role alice(A, B : agent, % that the server must send back Pa. (Essentially
H, PRF, KeyGen: hash_func, % modelling that the client makes only one offer.)
Ka, Ks: public_key, %% Ks is the public key of a T3P (ie. CA)
SND, RCV: channel (dy))
played_by A 2. State = 2
def= / RCV(Nb'.Sid.Pa.{B.Kb'}_(inv(Ks)))
=|>
local Na, Sid, Pa, PMS: text, State' := 3
Nb: text, / PMS' := new()
State: nat, / M' := PRF(PMS'.Na.Nb')
Finished: hash(hash(text.text.text).agent.agent.text.text.text), / Finished' := H(PRF(PMS'.Na.Nb').A.B.Na.Pa.Sid)
ClientK, ServerK: hash(agent.text.text.hash(text.text.text)), / ClientK' := KeyGen(A.Na.Nb'.PRF(PMS'.Na.Nb'))
Kb: public_key, / ServerK' := KeyGen(B.Na.Nb'.PRF(PMS'.Na.Nb'))
M: hash(text.text.text) / SND({PMS'}_Kb'.
{A.Ka}_(inv(Ks)).
const sec_clientk, sec_serverk : protocol_id {H(Nb'.B.PMS')}_(inv(Ka)).
{H(PRF(PMS'.Na.Nb').
init State := 0 A.B.Na.Pa.Sid)
transition }_KeyGen(A.Na.Nb'.PRF(PMS'.Na.Nb')))
1. State = 0 / witness(A,B,na_nb2,Na.Nb')
/ RCV(start)
=|> 4. State = 3
State' := 2 / RCV({Finished}_ServerK)
/ Na' := new() =|>
/ Pa' := new() State' := 5
/ Sid' := new() / request(A,B,na_nb1,Na.Nb)
/ SND(A.Na'.Sid'.Pa') / secret(ClientK,sec_clientk,{A,B})
% Since we abstract away from the negotiation / secret(ServerK,sec_serverk,{A,B})
% of cryptographic algorithms, here I simply assume end role
12
12.07.2006 Automated Validation of Internet Security Protocols and A
12
13. HLPSL on SSL/TLS(2): TLS Handshake
Basic Role: bob (Server B)
role bob(A, B : agent, 2. State = 3
H, PRF, KeyGen: hash_func, / RCV({PMS'}_Kb.{A.Ka'}_(inv(Ks)).
Kb, Ks: public_key, {H(Nb.B.PMS')}_(inv(Ka')).
SND, RCV: channel (dy)) {H(PRF(PMS'.Na.Nb).
played_by B A.B.Na.Pa.Sid)
def= }_KeyGen(A.Na.Nb.PRF(PMS'.Na.Nb)))
=|>
local Na, Nb, Sid, Pa, PMS: text, State' := 5
State: nat, / SND({H(PRF(PMS'.Na.Nb).
Ka: public_key A.B.Na.Pa.Sid)
}_KeyGen(B.Na.Nb.PRF(PMS'.Na.Nb)))
init State := 1 / request(B,A,na_nb2,Na.Nb)
end role
transition
1. State = 1
/ RCV(A.Na'.Sid'.Pa')
=|>
State' := 3
/ Nb' := new()
/ SND(Nb'.Sid'.Pa'.{B.Kb}_(inv(Ks)))
/ witness(B,A,na_nb1,Na'.Nb')
13
12.07.2006 Automated Validation of Internet Security Protocols and A
13
14. HLPSL on SSL/TLS(3):
Roles Session/Environment/Goal and OF
goal
role session(A,B: agent,
secrecy_of sec_clientk,sec_serverk % Addresses G7
Ka, Kb, Ks: public_key, %Alice authenticates Bob on na_nb1
H, PRF, KeyGen: hash_func) authentication_on na_nb1 % Addresses G1, G2, G3, G7, G10
def= %Bob authenticates Alice on na_nb2
authentication_on na_nb2 % Addresses G1, G2, G3, G7, G10
local SA, SB, RA, RB: channel (dy) end goal
composition
alice(A,B,H,PRF,KeyGen,Ka,Ks,SA,RA)
/ bob(A,B,H,PRF,KeyGen,Kb,Ks,SB,RB) OF log file :
% OFMC
end role % Version of 2006/02/13
SUMMARY
role environment() SAFE
def= DETAILS
BOUNDED_NUMBER_OF_SESSIONS
const na_nb1, na_nb2 : protocol_id, PROTOCOL
h, prf, keygen : hash_func, /home/avispa/web-interface-computation/./tempdir/workfile5wUPBB.if
a, b : agent, GOAL
ka, kb, ki, ks : public_key as_specified
BACKEND
intruder_knowledge = { a, b, ka, kb, ks, ki, inv(ki), OFMC
{i.ki}_(inv(ks)) } COMMENTS
STATISTICS
composition parseTime: 0.00s
session(a,b,ka,kb,ks,h,prf,keygen) searchTime: 0.33s
/ session(a,i,ka,ki,ks,h,prf,keygen) visitedNodes: 201 nodes
/ session(i,b,ki,kb,ks,h,prf,keygen) depth: 7 plies
end role
14
12.07.2006 Automated Validation of Internet Security Protocols and A
14
15. Conclusion
AVISPA tool is still under developement,but shows an
adequate approach regarding analysing of internet
security protocols
especially the implementation of the Lazy-Intruder-Model in the IF-
Specification and OFMC
using HLPSL, multisessions can be simulated and well defined
The AVISPA tool has the following achievements:
Every protocol can be specified and well modelled in HLPSL and
dynamically changed / adapted regarding newer security issues
There is a chance for developing and implementing newer security
protocols
Easy-to-use
15
12.07.2006 Automated Validation of Internet Security Protocols and A
15
16. The End
Thank you!
e-mail: Krassen.Deltchev@ruhr-uni-bochum.de
16
12.07.2006 Automated Validation of Internet Security Protocols and A
16
17. Automated analysis of Security protocols
References
[CJ97] John Clark and Jeremy [MVO05] Automated Validation
Jacob. A survey of authentication of Security Protocols(AVASP),
protocol literature : Version 1.0., Mördersheim/Vigano’/Oheimb
November 1997 apr. 2005
http://www-users.cs.york.ac.uk/ [BMV04] OFMC: A symbolic
jac/papers/drareview.ps.gz model checker for security
[M94] Catherine Meadows: Formal protocols,
Verification of Cryptographic Basin/Mördersheim/Vigano’
Protocols: A Survey. ASIACRYPT dec 2004
1994 [BB] Remote Timing Attacks
[TA02] Servey in Formal Analysis of are Practical, Brumley/Boneh
Security Properties of Cryptographic [CHVV] Password Interception
Protocols,Tarigan 2002 in a SSL/TLS Channel,
[DY83] D. Dolev, A. Yao, On the Canvel/Hiltgen/Vaudenay/
Security of Public Key Protocols, Vuagnoux
IEEE Trans. on Information Theory, [KPR] Attacking RSA-based
1983 Sessions in SSL/TLS,
[BAN89] Michael Burrows, Martin Klima/Pokorny’/Rosa
Abadi, and Roger Needham. A logic [WS] Analysis of the SSL 3.0
of authentication. Technical protocol,
Report 39, Digital Systems Wagner/Schneider
Research Center, february 1989
[AJ04] Three Tools for Model-
RFC 2246 "The TLS Protocol
Checking Security protocols, Version 1.0" , jan 1999
Arruda/Juma, jan 2004
17
12.07.2006 Automated Validation of Internet Security Protocols and A
17