Lazy Mobile Intruders

Sebastian Alexander Mödersheim; Flemming Nielson; Hanne Riis Nielson

Lazy Mobile Intruders

Sebastian Alexander Mödersheim, Flemming Nielson, Hanne Riis Nielson

Research output: Book/Report › Report › Research

186 Downloads (Pure)

Abstract

We present a new technique for analyzing platforms that execute potentially malicious code, such as web-browsers, mobile phones, or virtualized infrastructures. Rather than analyzing given code, we ask what code an intruder could create to break a security goal of the platform. To avoid searching the infinite space of programs that the intruder could come up with (given some initial knowledge) we adapt the lazy intruder technique from protocol verification: the code is initially just a process variable that is getting instantiated in a demand-driven way during its execution. We also take into account that by communication, the malicious code can learn new information that it can use in subsequent operations, or that we may have several pieces of malicious code that can exchange information if they \meet". To formalize both the platform and the malicious code we use the mobile ambient calculus, since it provides a small, abstract formalism that models the essence of mobile code. We provide a decision procedure for security against arbitrary intruder ambients when the honest ambients can only perform a bounded number of steps and without path constraints in communication.

Original language	English

Place of Publication	Kgs. Lyngby
Publisher	Technical University of Denmark
Number of pages	20
Publication status	Published - 2012

Series	D T U Compute. Technical Report
Number	2012-13
ISSN	1601-2321

Access to Document

Tr12 13 SebastianMoedersheimFinal published version, 316 KB

Fingerprint Dive into the research topics of 'Lazy Mobile Intruders'. Together they form a unique fingerprint.

Cite this

@book{ee56ace87bab40beacb518d4dfe110b5,

title = "Lazy Mobile Intruders",

abstract = "We present a new technique for analyzing platforms that execute potentially malicious code, such as web-browsers, mobile phones, or virtualized infrastructures. Rather than analyzing given code, we ask what code an intruder could create to break a security goal of the platform. To avoid searching the infinite space of programs that the intruder could come up with (given some initial knowledge) we adapt the lazy intruder technique from protocol verification: the code is initially just a process variable that is getting instantiated in a demand-driven way during its execution. We also take into account that by communication, the malicious code can learn new information that it can use in subsequent operations, or that we may have several pieces of malicious code that can exchange information if they \meet{"}. To formalize both the platform and the malicious code we use the mobile ambient calculus, since it provides a small, abstract formalism that models the essence of mobile code. We provide a decision procedure for security against arbitrary intruder ambients when the honest ambients can only perform a bounded number of steps and without path constraints in communication.",

author = "M{\"o}dersheim, {Sebastian Alexander} and Flemming Nielson and Nielson, {Hanne Riis}",

year = "2012",

language = "English",

series = "D T U Compute. Technical Report",

publisher = "Technical University of Denmark",

number = "2012-13",

}

TY - RPRT

T1 - Lazy Mobile Intruders

AU - Mödersheim, Sebastian Alexander

AU - Nielson, Flemming

AU - Nielson, Hanne Riis

PY - 2012

Y1 - 2012

N2 - We present a new technique for analyzing platforms that execute potentially malicious code, such as web-browsers, mobile phones, or virtualized infrastructures. Rather than analyzing given code, we ask what code an intruder could create to break a security goal of the platform. To avoid searching the infinite space of programs that the intruder could come up with (given some initial knowledge) we adapt the lazy intruder technique from protocol verification: the code is initially just a process variable that is getting instantiated in a demand-driven way during its execution. We also take into account that by communication, the malicious code can learn new information that it can use in subsequent operations, or that we may have several pieces of malicious code that can exchange information if they \meet". To formalize both the platform and the malicious code we use the mobile ambient calculus, since it provides a small, abstract formalism that models the essence of mobile code. We provide a decision procedure for security against arbitrary intruder ambients when the honest ambients can only perform a bounded number of steps and without path constraints in communication.

AB - We present a new technique for analyzing platforms that execute potentially malicious code, such as web-browsers, mobile phones, or virtualized infrastructures. Rather than analyzing given code, we ask what code an intruder could create to break a security goal of the platform. To avoid searching the infinite space of programs that the intruder could come up with (given some initial knowledge) we adapt the lazy intruder technique from protocol verification: the code is initially just a process variable that is getting instantiated in a demand-driven way during its execution. We also take into account that by communication, the malicious code can learn new information that it can use in subsequent operations, or that we may have several pieces of malicious code that can exchange information if they \meet". To formalize both the platform and the malicious code we use the mobile ambient calculus, since it provides a small, abstract formalism that models the essence of mobile code. We provide a decision procedure for security against arbitrary intruder ambients when the honest ambients can only perform a bounded number of steps and without path constraints in communication.

M3 - Report

T3 - D T U Compute. Technical Report

BT - Lazy Mobile Intruders

PB - Technical University of Denmark

CY - Kgs. Lyngby

ER -