An environment for security protocol intrusion

Get BibTex-formatted data

Author

Yasinsac, Alec

Entry type

article

Abstract

Secure electronic communication relies on cryptography. Even with perfect encryption, communication may be compromised without effective security protocols for key exchange, authentication, etc. We are now seeing proliferation of large secure environments characterized by high volume, encrypted traffic between principals, facilitated by Public Key Infrastructures (PKI). PKI's are dependent on security protocols. Unfortunately, security protocols are susceptible to subtle errors. To date, we have relied on formal methods to tell us if security protocols are effective. These methods do not provide complete or measurable protocol security. Security protocols are also subject to the same implementation and administrative vulnerabilities as communication protocols. As a result, we will continue to operate security protocols that have flaws. In this paper, we describe a method and architecture to detect intrusions in security protocol environments such as Public Keys Infrastructures. Our method is based on classic techniques of knowledge-based and behavior-based intrusion detection systems.

Date

2002

Journal

Journal of Computer Security

Key alpha

Yasinsac

Pages

177-188

Publisher

IOS Press

School

Flordia State University Computer Science Department

Affiliation

Journal of Computer Security IOS Press

Publication Date

2002-01-01

Copyright

2002 by the IOS Press

Language

English

Location

A hard-copy of this is in the Papers Cabinet

Price

$8.00

Subject

security protocol intrusion

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Article{ Yasinsac,
	title = "An environment for security protocol intrusion",
	author = "Yasinsac, Alec",
	year = "2002",
	journal = "Journal of Computer Security",
	pages = "177-188",
	publisher = "IOS Press",
	school = "Flordia State University Computer Science Department",
	abstract = "Secure electronic communication relies on cryptography.  Even with perfect encryption, communication may be compromised without effective security protocols for key exchange, authentication, etc.  We are now seeing proliferation of large secure environments characterized by high volume, encrypted traffic between principals, facilitated by Public Key Infrastructures (PKI). PKI's are dependent on security protocols.  Unfortunately, security protocols are susceptible to subtle errors.  To date, we have relied on formal methods to tell us if security protocols are effective.  These methods do not provide complete or measurable protocol security.  Security protocols are also subject to the same implementation and administrative vulnerabilities as communication protocols.  As a result, we will continue to operate security protocols that have flaws. In this paper, we describe a method and architecture to detect intrusions in security protocol environments such as Public Keys Infrastructures.  Our method is based on classic techniques of knowledge-based and behavior-based intrusion detection systems.",
	affiliation = "Journal of Computer Security   IOS Press ",
	copyright = "2002 by the IOS Press",
	language = "English",
	price = "$8.00",
	subject = "security protocol intrusion",
}