通訊協定與網路應用程式安全性驗證方法之研究

Wen-Zen Chen; 陳文振

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/37071

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	蔡益坤
dc.contributor.author	Wen-Zen Chen	en
dc.contributor.author	陳文振	zh_TW
dc.date.accessioned	2021-06-13T15:18:43Z	-
dc.date.available	2008-08-08
dc.date.copyright	2008-08-08
dc.date.issued	2008
dc.date.submitted	2008-07-23
dc.identifier.citation	[1] Martin Abadi. Secrecy by typing in security protocols. Journal of the ACM, 46(5):749-786, 1999. [2] Martin Abadi and Bruno Blanchet. Analyzing security protocols with secrecy types and logic programs. POPL, 2002:33-44, 2002. [3] K. Adi and M. Debbabi. Abstract interpretation for proving secrecy properties in security protocols. Electronic Notes in Theoretical Computer Science, 55(1):1-26, 2004. [4] C. Allen, P. Avgustinov, A. S. Christensen, L. Hendren, S. Kuzins, O. Lhotak, O. de Moor, D. Sereni, G. Sittampalam, and J. Tibble. Adding trace matching with free variables to AspectJ. Proceedings of the 20th Annual ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, 2005. [5] AVISPA. Deliverable 2.1: The high-level protocol speci cation language. 2003. [6] AVISPA. Deliverable 2.3: The intermediate format. 2003. [7] AVISPA. HLPSL tutorial. 2006. [8] D. Basin. Lazy in nite-state analysis of security protocols. Proceedings of CQRE'99, 1740:30-42, 1999. [9] David A. Basin, Sebastian M odersheim, and Luca Vigano. OFMC: A symbolic model checker for security protocols. Int. J. Inf. Sec., 4(3):181-208, 2005. [10] M. Berndl, O.Lhotak, and F. Qian. Points-to analysis using BDDs. Proceedings of the SIGPLAN Conference on Programming Language Design and Implementation, pages 103-114, 2003. [11] S. Bistarelli, I. Cervesato, G. Lenzini, and F. Martinelli. Relating process algebras and multiset rewriting for security protocol analysis. Technical report, Istituto di Scienza e Tecnologie dell'Informazione (ISTI-CNR), 2002. [12] Bruno Blanchet. An efficient cryptographic protocol verifier based on Prolog rules. CSFW, 2001:82-96, 2001. [13] R. E. Bryant. Graph-based algorithms for boolean function manipulation. IEEE Transactions on Computers, 35(8):677-691, 1986. [14] J.R. Buchi. On a decision method in restricted second order arithmetic. Proceedings of the International Congress on Logic, Methodology and Philosophy of Science, pages 1-12, 1960. [15] M. Burrows, M. Abadi, and R. Needham. A logic of authentication. ACM Transactions on Computer Systems, 8(1):18-36, 1990. [16] H. Comon and V. Shmatikov. Is it possible to decide whether a cryptographic protocol is secure or not? Journal Telecommunication and Information Technology, 4:5-15, 2002. [17] D. E. Denning. A lattice model of secure information ow. Communications of the ACM, 19(5):236-243, 1976. [18] D. Dolev and A. Yao. On the security of public-key protocols. IEEE Transactions on Information Theory, 2(29):198-208, 1983. [19] M. F ahndrich, J. Rehof, and M. Das. Scalable context-sensitive flow analysis using instantiation constraints. Proceedings of the SIGPLAN Conference on Programming Language Design and Implementation, pages 253-263, 2000. [20] Simon F. Goldsmith, Robert O'Callahan, and Alex Aiken. Relational queries over program traces. Conference on Object Oriented Programming Systems Languages and Applications, pages 385-402, 2005. [21] Y.-W. Huang, C.-H. Tsai, T.-P. Lin, S.-K. Huang, D. T. Lee, and S.-Y. Kuo. A testing framework for Web application security assessment. Computer Networks, 48(5):739-761, 2005. [22] Y.-W. Huang, F. Yu, C. Hang, C.-H. Tsai, D. T. Lee, and S.-Y. Kuo. Securing web application code by static analysis and runtime protection. Proceedings of the 13th International Conference on World Wide Web, pages 40-52, 2004. [23] Y.-W. Huang, F. Yu, C. Hang, C.-H. Tsai, D. T. Lee, and S.-Y. Kuo. Verifying web applications using bounded model checking. International Conference on Dependable Systems and Networks, pages 199-208, 2004. [24] John Irwin, Jean-Marc Loingtier, John R. Gilbert, Gregor Kiczales, John Lamping, Anurag Mendhekar, and Tatiana Shpeisman. Aspect-oriented programming of sparse matrix code. ISCOPE, pages 249-256, 1997. [25] N. Jovanovic, C. Kruegel, and E. Kirda. Pixy: a static analysis tool for detecting web application vulnerabilities. IEEE Symposium on Security and Privacy, 2006. [26] Nenad Jovanovic, Christopher Kruegel, and Engin Kirda. Pixy: a static analysis tool for detecting web application vulnerabilities. IEEE Symposium on Security and Privacy, 2006. [27] Gregor Kiczales, Erik Hilsdale, Jim Hugunin, Mik Kersten, Je rey Palm, and William G. Griswold. An overview of AspectJ. Lecture Notes in Computer Science, 2072:327-355, 2001. [28] D. Kindred and J. M. Wing. Fast, automatic checking of security protocols. USENIX 2nd Workshop on Electronic Commerce, pages 41-52, 1996. [29] N. Lynch and M. Tuttle. An introduction to input/output automata. CWIQuarterly, 2(3):219-246, 1989. [30] W. Marrero, E. Clarke, and S. Jha. Model checking for security protocols. Technical Report CMU-CS-97-139, Carnegie Mellon University, 1997. [31] M. C. Martin, B. Livshits, and M. S. Lam. Finding application errors and security flaws using PQL: a Program Query Language. Proceedings of the ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pages 365-383, 2005. [32] M. C. Martin, B. Livshits, and M. S. Lam. Securing web applications with static and dynamic information flow tracking. ACM SIGPLAN 2008 Workshop on Partial Evaluation and Program Manipulation (PEPM), 2008. [33] O. Muller. A veri cation environment for I/O automata based on formalized metatheory. PhD Thesis, Technische Universit aat M unchen, 1998. [34] K. Ostermann, M. Mezini, and C.Bockisch. Expressive pointcuts for increased modularity. European Conference on Object-Oriented Programming (ECOOP), 2005. [35] OWASP. The ten most critical web application security vulnerabilities. 2007. [36] U. Shankar, K. Talwar, J. S. Foster, and D. Wagner. Detecting format string vulnerabilities with type qualifiers. Proc. 10th USENIX Security Symposium, pages 201-220, 2002. [37] Oleg Sheyner and Jeannette Wing. Towards compositional analysis of security protocols using theorem. the Thirteenth IEEE Computer Security Foundations Workshop, 2000. [38] R.E. Strom and S. A. Yemini. Typestate: a programming language concept for enhancing software reliability. IEEE Transactions on Software Engineering, 12(1):157-171, 1986. [39] Z. Su and G.Wassermann. The essence of command injection attacks in web applications. POPL'06: Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pages 372-382, 2006. [40] J. D. Ullman. Principles of database and knowledge-base systems. Vol. 2, Computer Science Press, Inc., Rockville, Md., 1989. [41] D. von Oheimb. The high-level protocol speci cation language HLPSL developed in the EU project AVISPA. Proceedings of APPSEM 2005 Workshop, 2005. [42] C. Weidenbach, B. Afshordel, U. Brahm, C. Cohrs, T. Engel, E. Keen, C. Theobalt, and D. Topic. System description: Spass version 1.0.0. 16th International Conference on Automated Deduction, CADE-16, LNAI, Springer, 1999. [43] Christoph Weidenbach. Towards an automatic analysis of security protocols in first-order logic. Conference on Automated Deduction, pages 314-328, 1999. [44] J. Whaley and M. S. Lam. Cloning-based context-sensitive pointer alias analysis using binary decision diagrams. Proceedings of the ACM SIGPLAN 2004 Conference on Programming Language Design and Implementation, 2004.
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/37071	-
dc.description.abstract	因為網路已經成為一個溝通上的基本要件，所以網路的安全性也跟著變得相當重要。而網路的安全性又可以從兩部分去看：安全性通訊協定和網路應用程式。在安全性通訊協定方面，隱私性和身份確認是兩樣常常被用來當作安全性驗證的共同目標。隱私性代表溝通過程中，訊息不能被非預期的對象所取得；身份確認則是用來防止網路中惡意的使用者假冒別人的身份去傳送訊息。在網路應用程式方面，跨站腳本攻擊和資料隱碼是OWASP在2007年排名出來最常發生的破壞行為的前兩名，因此也常被驗證方法用來當作偵測的目標。跨站腳本攻擊允許惡意使用者在受害者的瀏覽器上執行一些腳本語言，以達到偷取使用者cookie，插入惡意內容，甚至是控制整個瀏覽器等目的。資料隱碼則是藉由輸入一些不尋常的字串到網路應用程式裡，用來破壞或竊取資料庫。在這篇論文裡面，我們總結了許多具代表性的驗證方法，不管是針對安全性通訊協定或是網路應用程式。在安全性通訊協定方面，我們主要深入研究兩個專案：AVISPA和ProVerif。這兩個專案的共通特性是他們都是state-exploration的方法。不過AVISPA又多了一些協助的機制，像是lazy intruder可以控制state的擴張。同時我們也概括收錄了其他驗證方法，例如定理證明、首階邏輯，或是模型檢驗。在網路應用程式方面，我們則是總結並探討了PQL和WebSSARI這兩個系統。PQL系統自己開發了一套用來描述弱點形態的語言。它最主要包括了可以保證不會漏報弱點的一套靜態分析方法，以及利用靜態分析結果來提高運作效率的動態偵測方法。WebSSARI則是先定義好污染數據和弱點函數，再將PHP程式碼轉換成一連串的邏輯限制式，用找反例的方式去找尋弱點。我們也說明了其他相關的系統，像是AspectJ，SQLCheck，和PTQL等。最後我們也對AVISPA和ProVerif作了一些比較。	zh_TW
dc.description.abstract	Network security is essential because networks have become a basic element of communications. There are two critical parts of network security: security protocols and web applications. For security protocols, secrecy and authentication are two common properties that are usually checked by security protocol verifiers. Secrecy means that no unexpected agents could get the secret contents of messages. Authentication basically indicates that a message which appears to be from some agent is actually sent by the same agent. For web applications, there are many kinds of vulnerabilities. Between them, cross site scripting and injection flaws like SQL injection are the most common vulnerabilities summarized by OWASP. Cross site scripting allows attackers to execute script in the victim's browser, which can steal user sessions, insert malicious context, and even control the browser. SQL injection inputs unexpected string as queries and can be used to operate the database without authorization. In this thesis, we review several representative verification methods for security protocols and web applications in detail. For security protocols, we study two projects in depth: AVISPA and ProVerif. The commonality of these two projects is that they are both state-exploration methods. However, the AVISPA project has some additional assistant mechanisms such as the lazy intruder to control over the state exploration. We also survey other methods using theorem proving, first-order logic, and model checking. For web applications, the two systems, PQL and WebSSARI, are summarized and discussed. PQL has its own query language to specify vulnerable patterns and utilizes static analysis, which guarantee no false negatives, and dynamic monitoring, which is based on the result of the static analysis. WebSSARI defines the tainted data and sinks in advance and transforms the verification into SAT. It also provides a strategy of efficiently sanitizing. Other related works like AspectJ, SQLCheck, and PTQL are also briefly explained. Finally, we compare AVISPA with ProVerif, and PQL with WebSSARI.	en
dc.description.provenance	Made available in DSpace on 2021-06-13T15:18:43Z (GMT). No. of bitstreams: 1 ntu-97-R95725025-1.pdf: 868395 bytes, checksum: c389a1c1755e05d93ecc3ee60edecb04 (MD5) Previous issue date: 2008	en
dc.description.tableofcontents	1 Introduction 1 1.1 Background . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.2 Motivation and Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.3 Thesis Outline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2 Preliminaries 4 2.1 Pi Calculus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2.1.1 Process Constructs . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2.1.2 Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2.1.3 Structural Congruence . . . . . . . . . . . . . . . . . . . . . . . . 5 2.1.4 Reduction Semantics . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.2 Datalog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.3 Model Checking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.3.1 Relevant Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 2.4 Automata Theory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 2.4.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 2.4.2 Automata on Finite Words . . . . . . . . . . . . . . . . . . . . . . 9 2.4.3 Automata on Innite Words . . . . . . . . . . . . . . . . . . . . . 9 3 Automated Veriers for Security Protocols 10 3.1 The AVISPA project . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 3.1.1 System Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 3.1.2 HLPSL Specication . . . . . . . . . . . . . . . . . . . . . . . . . 11 3.1.3 The Intermediate Format . . . . . . . . . . . . . . . . . . . . . . . 15 3.1.4 The On-the- y Model Checker . . . . . . . . . . . . . . . . . . . . 19 3.2 The ProVerif project . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 3.2.1 The Representation by Pi Calculus . . . . . . . . . . . . . . . . . 24 3.2.2 The Protocol Checker . . . . . . . . . . . . . . . . . . . . . . . . 25 3.2.3 Secrecy Results . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 3.3 Others . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 3.3.1 Theorem Proving . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 3.3.2 First-Order Logic . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 3.3.3 Model Checking . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 3.4 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 3.4.1 A Common Architecture . . . . . . . . . . . . . . . . . . . . . . . 34 3.4.2 Comparisons Between AVISPA and ProVerif . . . . . . . . . . . . 35 4 Automated Veriers for Web Applications 37 4.1 The PQL System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 4.1.1 System Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 4.1.2 PQL Queries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 4.1.3 Context-Sensitive Pointer Alias Analysis . . . . . . . . . . . . . . 44 4.1.4 Sound Static Analysis . . . . . . . . . . . . . . . . . . . . . . . . 52 4.1.5 Optimized Dynamic Monitoring . . . . . . . . . . . . . . . . . . . 55 4.2 The WebSSARI System . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 4.2.1 System Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 4.2.2 Type-Based Approach . . . . . . . . . . . . . . . . . . . . . . . . 58 4.2.3 Bounded Model Checking . . . . . . . . . . . . . . . . . . . . . . 61 4.3 Others . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 4.3.1 AspectJ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 4.3.2 SQLCheck . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 4.3.3 PTQL and PARTIQLE . . . . . . . . . . . . . . . . . . . . . . . . 70 4.3.4 Pixy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74 4.4 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 4.4.1 Comparisons Between PQL and WebSSARI . . . . . . . . . . . . 79 4.4.2 A Classication of Automated Verifiers . . . . . . . . . . . . . . . 80 5 Conclusion 83 5.1 Contributions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83 5.2 Future Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 Bibliography 91
dc.language.iso	en
dc.subject	正規化驗證	zh_TW
dc.subject	PQL	zh_TW
dc.subject	自動化驗證方法	zh_TW
dc.subject	安全通訊協定	zh_TW
dc.subject	AVISPA	zh_TW
dc.subject	ProVerif	zh_TW
dc.subject	WebSSARI	zh_TW
dc.subject	網路應用程式	zh_TW
dc.subject	Web Applications	en
dc.subject	WebSSARI	en
dc.subject	PQL	en
dc.subject	ProVerif	en
dc.subject	AVISPA	en
dc.subject	Automated Verifier	en
dc.subject	Security Protocols	en
dc.subject	Formal Verification	en
dc.title	通訊協定與網路應用程式安全性驗證方法之研究	zh_TW
dc.title	A Study of Automated Verifiers for Security Protocols and Web Applications	en
dc.type	Thesis
dc.date.schoolyear	96-2
dc.description.degree	碩士
dc.contributor.oralexamcommittee	陳恭,王柏堯
dc.subject.keyword	安全通訊協定,網路應用程式,正規化驗證,自動化驗證方法,AVISPA,ProVerif,PQL,WebSSARI,	zh_TW
dc.subject.keyword	Security Protocols,Web Applications,Formal Verification,Automated Verifier,AVISPA,ProVerif,PQL,WebSSARI,	en
dc.relation.page	90
dc.rights.note	有償授權
dc.date.accepted	2008-07-25
dc.contributor.author-college	管理學院	zh_TW
dc.contributor.author-dept	資訊管理學研究所	zh_TW
顯示於系所單位：	資訊管理學系

文件中的檔案：

檔案	大小	格式
ntu-97-1.pdf 未授權公開取用	848.04 kB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。