Model Learning and Model Checking of IPSec Implementations for Internet of Things

Model Learning and Model Checking of IPSec Implementations for Internet of Things

With the development of Internet of Things (IoT) technology, the demand for secure communication by smart devices has dramatically increased, and the security of the IoT protocol has become the focus of cyberspace. Recently, some scholars have attempted to extend the IPSec protocol to IPv6 over Low-...

Full description

Bibliographic Details
Main Authors: Jiaxing Guo, Chunxiang Gu, Xi Chen, Fushan Wei
Format: Article
Language:English
Published: IEEE 2019-01-01
Series:IEEE Access
Subjects:
IPSec protocol
model learning
model checking
Online Access:https://ieeexplore.ieee.org/document/8913552/
id doaj-8568cf2cee7a43b2aee8b0e215a19ab8
record_format Article
spelling doaj-8568cf2cee7a43b2aee8b0e215a19ab82021-03-30T00:49:13ZengIEEEIEEE Access2169-35362019-01-01717132217133210.1109/ACCESS.2019.29560628913552Model Learning and Model Checking of IPSec Implementations for Internet of ThingsJiaxing Guo0https://orcid.org/0000-0001-8668-9264Chunxiang Gu1https://orcid.org/0000-0003-3860-1939Xi Chen2https://orcid.org/0000-0001-8115-4164Fushan Wei3https://orcid.org/0000-0003-2790-7254Henan Key Laboratory of Network Cryptography Technology, Zhengzhou, ChinaHenan Key Laboratory of Network Cryptography Technology, Zhengzhou, ChinaHenan Key Laboratory of Network Cryptography Technology, Zhengzhou, ChinaHenan Key Laboratory of Network Cryptography Technology, Zhengzhou, ChinaWith the development of Internet of Things (IoT) technology, the demand for secure communication by smart devices has dramatically increased, and the security of the IoT protocol has become the focus of cyberspace. Recently, some scholars have attempted to extend the IPSec protocol to IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN) to ensure end-to-end security, which makes it essential to analyze the vulnerability of the IPSec protocol to enhance the security of the IoT. In this study, we use a method combining model learning and model checking to analyze the dynamic vulnerability of IPSec protocol implementations. This method automatically infers the black-box model and compares it with the relevant specifications to expose the defects of the system implementation and search its logic vulnerabilities. We first employ model learning on three IPSec implementations to infer state machine models; then, we use model checking to verify that these models satisfy basic security properties and conform to the RFCs. Our analysis reveals three new security issues: a wrong interaction causing server exception and two violations of the standard.https://ieeexplore.ieee.org/document/8913552/IPSec protocolmodel learningmodel checking
collection DOAJ
language English
format Article
sources DOAJ
author Jiaxing Guo
Chunxiang Gu
Xi Chen
Fushan Wei
spellingShingle Jiaxing Guo
Chunxiang Gu
Xi Chen
Fushan Wei
Model Learning and Model Checking of IPSec Implementations for Internet of Things
IEEE Access
IPSec protocol
model learning
model checking
author_facet Jiaxing Guo
Chunxiang Gu
Xi Chen
Fushan Wei
author_sort Jiaxing Guo
title Model Learning and Model Checking of IPSec Implementations for Internet of Things
title_short Model Learning and Model Checking of IPSec Implementations for Internet of Things
title_full Model Learning and Model Checking of IPSec Implementations for Internet of Things
title_fullStr Model Learning and Model Checking of IPSec Implementations for Internet of Things
title_full_unstemmed Model Learning and Model Checking of IPSec Implementations for Internet of Things
title_sort model learning and model checking of ipsec implementations for internet of things
publisher IEEE
series IEEE Access
issn 2169-3536
publishDate 2019-01-01
description With the development of Internet of Things (IoT) technology, the demand for secure communication by smart devices has dramatically increased, and the security of the IoT protocol has become the focus of cyberspace. Recently, some scholars have attempted to extend the IPSec protocol to IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN) to ensure end-to-end security, which makes it essential to analyze the vulnerability of the IPSec protocol to enhance the security of the IoT. In this study, we use a method combining model learning and model checking to analyze the dynamic vulnerability of IPSec protocol implementations. This method automatically infers the black-box model and compares it with the relevant specifications to expose the defects of the system implementation and search its logic vulnerabilities. We first employ model learning on three IPSec implementations to infer state machine models; then, we use model checking to verify that these models satisfy basic security properties and conform to the RFCs. Our analysis reveals three new security issues: a wrong interaction causing server exception and two violations of the standard.
topic IPSec protocol
model learning
model checking
url https://ieeexplore.ieee.org/document/8913552/
work_keys_str_mv AT jiaxingguo modellearningandmodelcheckingofipsecimplementationsforinternetofthings
AT chunxianggu modellearningandmodelcheckingofipsecimplementationsforinternetofthings
AT xichen modellearningandmodelcheckingofipsecimplementationsforinternetofthings
AT fushanwei modellearningandmodelcheckingofipsecimplementationsforinternetofthings
_version_ 1724187820681068544

Similar Items