Abstract
Current techniques for the formal modeling and analysis of DoS attacks do not adequately deal with amplification attacks that may target a complex distributed system as a whole rather than a specific server. Such threats have emerged for important applications such as the VoIP Session Initiation Protocol (SIP). We demonstrate a model-checking technique for finding amplification threats using a strategy we call measure checking, which uses term rewriting to check a quantitative assessment of attacker impact. We illustrate the effectiveness of this technique with a study of SIP. In particular, we show how to automatically find known attacks and verify that proposed patches for these attacks achieve their aim. Beyond this, we demonstrate a new amplification attack based on the compromise of one or more SIP proxies. We show how to address this threat with a protocol change and formally analyze the effectiveness of the new protocol against amplification attacks.
Keywords
- Model Check
- Session Initiation Protocol
- Proxy Server
- Statistical Model Check
- Session Initiation Protocol Message
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Shankesi, R., AlTurki, M., Sasse, R., Gunter, C.A., Meseguer, J. (2009). Model-Checking DoS Amplification for VoIP Session Initiation. In: Backes, M., Ning, P. (eds) Computer Security – ESORICS 2009. ESORICS 2009. Lecture Notes in Computer Science, vol 5789. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04444-1_24
DOI: https://doi.org/10.1007/978-3-642-04444-1_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04443-4
Online ISBN: 978-3-642-04444-1
eBook Packages: Computer Science, Computer Science (R0)