A Novel Formal Theory for Security Protocol Analysis of Denial of Service Based on Extended Strand Space Model

Denial of Service Distributed Denial of Service （DOS） attack, especially （DDoS） attack, is one of the greatest threats to Internet. Much research has been done for it by now, however, it is always concentrated in the behaviors of the network and can not deal with the problem exactly. In this paper, we start from the security of the protocol, then we propose a novel theory for security protocol analysis of Denial of Service in order to deal with the DoS attack. We first introduce the conception of weighted graph to extend the strand space model, then we extend the penetrator model and define the goal of anti-DoS attack through the conception of the DoS-stop protocol, finally we propose two kinds of DoS test model and erect the novel formal theory for security protocol analysis of Denial of Service. Our new formal theory is applied in two example protocols. It is proved that the Internet key exchange （IKE） easily suffers from the DoS attacks, and the efficient DoS- resistant secure key exchange protocol （JFK） is resistant against DoS attack for the server, respectively.

Protocol analysis of designers using an interactive evolutionary computation

This paper explores the problem-solving behavior of people in design activities through a protocol analysis of verbal reports on the interior work design process simulated by an interactive evolutionary computation （IEC）. The protocol analysis method was used to explore the ways of thinking of the participants throughout the process. The analysis reveals that different parts of the interior scene have different effects on the evaluations, and people tend to use the same evaluation criteria continuously on several images. This kind of behavior is consistent with that of professional designers in past studies and is revealed applicable to nonprofessionals in the current research.

The Security Analysis of Two-Step Quantum Direct Communication Protocol in Collective-Rotation Noise Channel

To analyze the security of two-step quantum direct communication protocol （QDCP） by using Einstein-Podolsky Rosen pair proposed by Deng et al. [Phys. Rev. A 68 （2003）042317] in collective-rotation noise channel, an excellent model of noise analysis is proposed. In the security analysis, the method of the entropy theory is introduced, and is compared with QDCP, an error rate point Qo（M ： （Q0, 1.0）） is given. In different noise levels, if Eve wants to obtain the same amount of information, the error rate Q is distinguishable. The larger the noise level ~ is, the larger the error rate Q is. When the noise level ~ is lower than 11%, the high error rate is 0.153 without eavesdropping. Lastly, the security of the proposed protocol is discussed. It turns out that the quantum channel will be safe when Q 〈 0.153. Similarly, if error rate Q〉 0.153 = Q0, eavesdropping information I 〉 1, which means that there exist eavesdroppers in the quantum channel, and the quantum channel will not be safe anymore.

Vulnerability Analysis of MEGA Encryption Mechanism

MEGA is an end-to-end encrypted cloud storage platform controlled by users.Moreover,the communication between MEGA client and server is carried out under the protection of Transport Layer Security(TLS)encryption,it is difficult to intercept the key data packets in the process of MEGA registration,login,file data upload,and download.These characteristics of MEGA have brought great difficulties to its forensics.This paper presents a method to attack MEGA to provide an effective method for MEGA’s forensics.By debugging the open-source code of MEGA and analyzing the security white paper published,this paper first clarifies the encryption mechanism of MEGA,including the detailed process of registration,login,and file encryption,studies the encryption mechanism of MEGA from the perspective of protocol analysis,and finds out the vulnerability of MEGA encryption mechanism.On this basis,a method to attack MEGA is proposed,and the secret data stored in the MEGA server can be accessed or downloaded;Finally,the efficiency of the attack method is analyzed,and some suggestions to resist this attack method are put forward.

Analysis of security protocols based on challenge-response

Security protocol is specified as the procedure of challenge-response, which uses applied cryptography to confirm the existence of other principals and fulfill some data negotiation such as session keys. Most of the existing analysis methods, which either adopt theorem proving techniques such as state exploration or logic reasoning techniques such as authentication logic, face the conflicts between analysis power and operability. To solve the problem, a new efficient method is proposed that provides SSM semantics-based definition of secrecy and authentication goals and applies authentication logic as fundamental analysis techniques, in which secrecy analysis is split into two parts： Explicit-lnformaUon-Leakage and Implicit-Information-Leakage, and correspondence analysis is concluded as the analysis of the existence relationship of Strands and the agreement of Strand pa- rameters. This new method owns both the power of the Strand Space Model and concision of authentication logic.

Research and improvement on the limitation of authentication test

This paper elaborated on the limitation of authentication test theorem, illustrated the fundamental cause of that limitation through examples, then enhanced authentication test to solve this problem, and also proved the soundness of that improvement with formal method. The enhanced theory can deal with protocols with test component as proper subterm of other regular node＇ s component under certain conditions, and extend the application scope of authentication test. With enhanced authentication test, the automatic protocol verification tools will be more efficient and convenient.

The Role of Storytelling in Personal Knowledge Convey

The relative difficulty of capturing and conveying knowledge is determined on the diversity of knowledge types. It is necessary to interpret the consciously capturing process of the knowledge that is formed unconsciously. Storytelling is important in the capturing and conveying of tacit knowledge. Culture, structure, system, and the knowledge holders within the organization also affect the transfer of personal knowledge. The company M, has successfully created knowledge based on transfer of personal knowledge by leveraging the organization mechanism ＂The board of advisors＂. In order to elucidate the process, the author analyzed the recordings of the passing on contents using the protocol analysis.

A Comparative Analysis of Different Arbitration Protocols forMultiple-Bus Multiprocessors

Earlier performance studies of multiple-bus multiprocessor systetns assume a ran-dom selection of competing requests for bus assignment and ignore the effects of realistic bus arbitration schemes on the performance of such systetns. In this paper, we present performance analysis of the multiple-bus systems with different arbitration protocols.The priority protocols considered are random selection, fixed priority, rotating priority, roundrobin and FIFO. Analytica1 models are developed for each of these five dmerent priority protocoIs. Each of our analyses modeIs exactly the behavior of the correspond-ing priority protocol with little computation cost. The analytical models are validated through extensive simu1ations and are then used to carry out performance analysis and comparison of different priority protocols. Numerical results obtained from our models show that the round-robin protocol performs the best among the five protocols in the system with a few buses.

Formal Analysis of Authentication in 802.11i

Authentication is the basis of the security of IEEE 802.11i standard. The authentication process in 802.11i involves two important protocols： a 4-way handshake and a group key handshake. A formal analysis of authentication in 802.11i is given via a belief multisets formalism. The analysis shows that the 4-way handshake and the group key handshake may provide satisfactory mutual authentication, key management, and issue of a new group temporal key from an access point to a user device, under the guarantee of mutual possession of a confidential palrwise master key. The analysis also shows that there exists a denial of service attack in the 4-way handshake and some seeming redundancies are useful in the protocol implementation.

An Improvement ofGNY Logic for the Reflection Attacks

In this paper, the limitation of the GNY logic about its inabilityto detect the reflection attacks against some authentication protocols is given. Animprovement is proposed which takes into account the possible multiple instances(principals) of the same identity in the model.

Emerging Applications for Cyber Transportation Systems

Recent advances in connected vehicles and autonomous driving are going to change the face of ground trans- portation as we know it. This paper describes the design and evaluation of several emerging applications for such a cyber transportation system （CTS）. These applications have been designed using holistic approaches, which consider the unique roles played by the human drivers, the transportation system, and the communication network. They can improve driver safety and provide on-road infotainment. They can also improve transportation operations and efficiency, thereby benefiting travelers and attracting investment from both government agencies and private businesses to deploy infrastructures and bootstrap the evolutionary process of CTS.