Security Analysis Of Security Protocol Implementations Based On Network Trace

The security analysis of security protocol implementations is an important part of cyber security and also is a key part of the active immune system.At present,many research works on security analysis of security protocol implementations use program verification methods and model extraction methods with the condition that security protocol implementations are available.However,with the strength of property protection and the wide applications of code obfuscation technology,it is increasingly difficult to get and understand the security protocol implementations.Therefore,under the condition of obtaining security protocol implementation specifications,this paper analyzes the security of the security protocol implementations using network trace.Based on the condition of acquiring network trace and security protocol implementation specifications,software FSIA is developed to analyze the hybrid security protocol implements security in login system of a University.In this thesis,the mainly works are as follows:(1)The implementation ontology framework of security protocol is presented based on the seven-step method.It obtain the target security protocol implementation specification and improve the target security protocol implement ontology according to the ontology framework.(2)The format analysis methods of hybrid protocol trace is presented based on hybrid flow using separator inference method.These method takes the hybrid protocol trace as input and produce the security protocol format.(3)The mapping method from the security protocol trace to the implementation ontology of security protocol is presented based on greedy algorithm.It combines the format analyzed trace and security protocol implement ontology,and then generate the mapping between the security protocol trace and the security protocol implementation ontology.(4)The method of implementation security analysis of security protocol is presented based on the security implementation ontology,the format analysis methods of hybrid protocol trace and the mapping method of the security protocol trace to the implementation ontology of security protocol.It produce the implementation security analysis of the security protocol.(5)FSIA software is designed and implemented according to the proposed security protocol implementation security analysis method based on network trace.The input of FSIA is hybrid protocol trae and security protocol implementation ontology,and the output of FSIA is conclusion of security protocol implementation security analysis.(6)FSIA software is used to analyze the CAS-SSO protocol and CAS-OAUTH protocol which is applied in the login module of the University leakage of the Ticket in the CAS protocol,and the attacker may obtain all the data of the user in each application server by using the ticket,so the implementation of the CAS protocol of the University is not standardized.