On the Security and Vulnerability of PING
نویسندگان
چکیده
We present a formal specification of the PING protocol, and use three concepts of convergence theory, namely closure, convergence, and protection, to show that this protocol is secure against weak adversaries (and insecure against strong ones). We then argue that despite the security of PING against weak adversaries, the natural vulnerability of this protocol (or of any other protocol for that matter) can be exploited by a weak adversary to launch a denial of service attack against any computer that hosts the protocol. Finally, we discuss three mechanisms, namely ingress filtering, hop integrity, and soft firewalls that can be used to prevent denial of service attacks in the Internet.
منابع مشابه
Formal approach on modeling and predicting of software system security: Stochastic petri net
To evaluate and predict component-based software security, a two-dimensional model of software security is proposed by Stochastic Petri Net in this paper. In this approach, the software security is modeled by graphical presentation ability of Petri nets, and the quantitative prediction is provided by the evaluation capability of Stochastic Petri Net and the computing power of Markov chain. Each...
متن کاملDifferential Power Analysis: A Serious Threat to FPGA Security
Differential Power Analysis (DPA) implies measuring the supply current of a cipher-circuit in an attempt to uncover part of a cipher key. Cryptographic security gets compromised if the current waveforms obtained correlate with those from a hypothetical power model of the circuit. As FPGAs are becoming integral parts of embedded systems and increasingly popular for cryptographic applications and...
متن کاملSecurity testing of session initiation protocol implementations
The mechanisms which enable the vast majority of computer attacks are based on design and programming errors in networked applications. The growing use of voice over IP (VOIP) phone technology makes these phone applications potential targets. We present a tool to perform security testing of VOIP applications to identify security vulnerabilities which can be exploited by an attacker. Session Ini...
متن کاملExplaining of housing vulnerability in rural areas Case Study: Neyriz Township
Introduction Rural areas are more vulnerable to earthquake hazards than urban areas but the vulnerability of rural areas has always been neglected and few studies are worrying about it. Given the importance of villages and played the crucial role in socio-economic development and national security, providing adequate housing for villagers and addressing the problems in this area, in particular...
متن کاملAn Analysis of Spatial Pathology of the Physical and Social Structure of the City with Non-Relevant Defense Approach Case Study: Tehran Metropolitan Area
Using the passive defense principles in urban plans and projects is important in the context of land use planning, reinforced concrete, citizen education, and increasing urban resiliency. Observing and adhering to these principles will reduce the vulnerability of the city and citizens to security and military threats. Therefore, this study aims at evaluating the spatial pathology of the physica...
متن کاملAnalysis of spatial vulnerability of threatened strategic urban centers from the point of view of passive defense (case study: Bojnurd city)
Background and objective: Safety and security against threats is one of the most basic principles in order to achieve the desired standards of urban comfort, and attention to the passive defense of cities against external threats has always been considered since the beginning of the formation of cities. Therefore, the purpose of this study is to provide management strategies to reduce the exist...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2001