Abstract
Next Generation Network (NGN) is a completely new architectural concept for providing end-users with voice, video, and all sorts of data services. However, secure communication is a key and challenging requirement for NGN service providers. In this paper, we propose an innovative attack script generation and injection approach to evaluate the security of the communication system and consequently detect its security flaws. We apply attack modeling technique to describe the system vulnerabilities and generate system context attack scenarios. The attack scenarios are then refined to executable attack scripts which are executed by communication testing tools in charge of emulating the system attacks. The approach is applied to Wireless Application Protocol (WAP), which is a customized protocol used in resource constrained mobile devices. We performed experiments using specific attacks of the mobile protocol such as Denial of Service (DoS) and Message Truncation attacks. The experiments results demonstrate the effectiveness of the attack injection approach in the role of detecting security vulnerabilities in the communication system.
Similar content being viewed by others
References
D. Powell, A. Adelsbach, C. Cachin, S. Creese, M. Dacier, Y. Deswarte, T. McCutcheon, N. Neves, B. Pfitzmann, B. Randell, R. Stroud, P. Verissimo, and M. Waidner, “MAFTIA (Malicious- and Accidental-Fault Tolerance for Internet Applications),” in Proc. Int. Conf. Dependable Systems and Networks (DSN), Göteborg, Sweden, 2001, pp. D32–D35.
C. Nagle. (2001). Keyword Driven Automation Framework Model [Online]. Available: http://safsdev.sourceforge.net/FRAMESDataDrivenTestAutomationFrameworks.htm.
Juniper Research. (2011, Jan. 27). Low Cost Handsets & Entry Level Smartphones [Online]. Available: http://juniperresearch.com/reports/low_cost_handsets_&_entry_level_smartphones.
Wap Forum. (2001, Apr. 06). Wireless Transport Layer Security Specification Version 06-Apr-2001 [Online]. Available: http://www.wapforum.org/what/technical.htm..
A.P. Moore, R. J. Ellison, and R.C. Linger, “Attack modeling for information security and survivability,” Technical Note CMU/SEI-2001-TN-001, Mar. 2001.
N. W. Paton, O. Díaz, M. H. Williams, J. Campin, A. Dinn, and A. Jaime, “Dimensions of active behaviourn,” in Proc. 1st Int. Workshop Rules in Database Systems, Edinburgh, Scotland, 1993, pp. 40–57.
A. Morais, E. Martins, and A. Cavalli, “Security Protocol Testing Using Attack Trees,” in Proc. Int. Conf. Computational Science and Engineering, Vancouver, Canada, 2009, pp. 690–697.
A. Morais, E. Martins, and A. Cavalli, “A model-based attack injection approach for security validation,” in Proc. 4th Int. Conf. Security of Information and Networks, Sydney, Australia, 2011, pp. 103–110.
H. H. Thompson, J. A. Whittaker, and F. E. Mottay, “Software security vulnerability testing in hostile environments,” in Proc. ACM Symp. Applied Computing (SAC), Madrid, Spain, 2002, pp. 260–264.
P. C. H. Wanner and R. F. Weber, “Fault injection tool for network security evaluation,” in Dependable Computing: LNCS vol. 2847, R. de Lemos, T. S. Weber, and J. B. Camargo, Jr, Eds. Berlin: Springer, 2003, pp. 127–136.
N. Neves, J. Antunes, M. Correia, P. Veríssimo, and R. Neves, “Using attack injection to discover new vulnerabilities,” in Proc. Int. Conf. Dependable Systems and Networks (DSN), Philadelphia, USA, 2006, pp 457–466.
R. Kaksonen, M. Laakso, and A. Takanen, “System security assessment through specification mutations and fault injection,” in Proc. IFIP TC6/TC11 Int. Conf. Communications and Multimedia Security Issues of the New Century, Darmstadt, Germany, 2001, p. 27.
B. Miller. (1990). Fuzz Testing of Application Reliability [Online]. Available: http://pages.cs.wisc.edu/~bart/fuzz/.
M.-J. O. Saarinen, “Attacks against the WAP WTLS protocol,” in Proc. IFIP TC6/TC11 Joint Working Conf. Secure Information Networks: Communications and Multimedia Security, 1999, pp. 209–215.
D. Wagner and B. Schneier, “Analysis of the SSL 3.0 protocol,” in Proc. 2nd USENIX WorkshopElectronic Commerce, Berkeley, USA, 1996, pp. 29–40.
R. Zhang and K. Chen, “Improvements on the WTLS protocol to avoid denial of service attacks,” Computers & Security, vol. 24, no. 1, pp. 76–82, Feb. 2005.
D. Dolev and A. Yao, “On the security of public-key protocols,” IEEE Trans. Inf. Theory, vol. 29, no. 2, pp. 198–208, Mar. 1983.
R. J. Drebes, G. Jacques-Silva, J. F. da Trindade, and T. S. Weber, “A kernel-based communication fault injector for dependability testing of distributed systems,” in Proc. of Parallel and Distributed Systems: Testing and Debugging (PADTAD-3), Haifa, Israel, 2005, pp. 177–190.
A. Cavalli, E. Martins, and A. Morais, “Use of invariant properties to evaluate the results of fault-injection-based robustness testing of protocol implementations,” in Proc. 4th Workshop Advances in Model Based Testing (AMOST’08), Lillehammer, Norway, 2008, pp. 21–30.
B. Schneier, “Attack trees: Modeling security threats,” Dr. Dobb’s Journal, vol. 24, no. 12, pp.21–29, Dec. 1999.
M. Hussein and M. Zulkernine, “UMLintr: A UML profile for specifying intrusions,” in Proc. 13th Annu. IEEE Int. Symp. and Workshop Engineering of Computer Based Systems, Postdam, Germany, 2006, pp. 279–288.
Amenaza Technologies Limited. (2006, Aug. 16). Secur/Tree Tutorial [Online]. Available: http://www.amenaza.com/downloads/docs/Tutorial.pdf.
R. Sandilands. (2009). Network Traffic Generator [online]. Available: http://sourceforge.net/projects/traffic/.
F. Bachmann, L. Bass, C. Buhman, S. Comella-Dorda, F. Long, J. E. Robert, R. C. Seacord, and K. C. Wallnau, “Volume II:. Technical concepts of component-based software engineering,” Technical Report CMU/SEI-2000-TR-008, 2nd ed. May 2000.
E. Gamma, R. Helm, R. Johnson, and J. Vlissides, Design Patterns: Elements of Reusable Object-Oriented Software. Reading, USA: Addison-Wesley, 1995.
LAAS-CNRS. (2006). Deliverable D12 Resilience-Building Technologies: State of Knowledge. Available: http://www.resist-noe.org/outcomes/outcomes.html.
Y. Hsu, G. Shu, and D. Lee, “A model-based approach to security flaw detection ofnetwork protocol implementations,” in Proc. 16th IEEE Int. Conf. Network Protocols (ICNP), 2008, pp. 114–123.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Morais, A., Hwang, I., Cavalli, A. et al. Generating attack scenarios for the system security validation. Netw.Sci. 2, 69–80 (2013). https://doi.org/10.1007/s13119-012-0012-0
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s13119-012-0012-0