Mining inconsistent secure messages toward analyzing security protocols

Traditional approaches such as theorem proving and model checking have been successfully used to analyze security protocols. Ideally, they assume the data communication is reliable and require the user to predetermine authentication goals. However, missing and inconsistent data have been greatly ignored, and the increasingly complicated security protocol makes it difficult to predefine such goals. This paper presents a novel approach to analyze security protocols using association rule mining. It is able to not only validate the reliability of transactions but also discover potential correlations between secure messages. The algorithm and experiment demonstrate that our approaches are useful and promising.

[1]  Jian Pei,et al.  Mining frequent patterns without candidate generation , 2000, SIGMOD '00.

[2]  Shichao Zhang,et al.  Dealing with Inconsistent Secure Messages , 2004, PRICAI.

[3]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[4]  Jeannette M. Wing,et al.  Model checking electronic commerce protocols , 1996 .

[5]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[6]  Gu Si-yang,et al.  Privacy preserving association rule mining in vertically partitioned data , 2006 .

[7]  Tomasz Imielinski,et al.  Database Mining: A Performance Perspective , 1993, IEEE Trans. Knowl. Data Eng..

[8]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[9]  E DenningDorothy,et al.  Timestamps in key distribution protocols , 1981 .

[10]  Marco Schaerf,et al.  Arbitration (or How to Merge Knowledge Bases) , 1998, IEEE Trans. Knowl. Data Eng..

[11]  Diomidis Spinellis,et al.  Security protocols over open networks and distributed systems: formal methods for their analysis, design, and verification , 1999, Comput. Commun..

[12]  Gavin Lowe,et al.  Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR , 1996, Softw. Concepts Tools.

[13]  Alberto O. Mendelzon,et al.  Knowledge Base Merging by Majority , 1999 .

[14]  Shichao Zhang,et al.  Association Rule Mining: Models and Algorithms , 2002 .

[15]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[16]  Ramakrishnan Srikant,et al.  Mining quantitative association rules in large relational tables , 1996, SIGMOD '96.