A Formal Framework and Evaluation Method for Protocol Denial of Service
Catherine Meadows - Naval Research Laboratory
Oct 08, 1999
AbstractDenial of service is becoming a growing concern. As our systems communicate more and more with others that we know less and less, they become increasingly vulnerable to hostile intruders who may take advantage of the very protocols intended for the establishment and authentication of communication to tie up our resources and disable our servers. Since these attacks occur before parties are authenticated to each other, we cannot rely upon enforcement of the appropriate access control policy to protect us. Instead we must build our defenses, as much as possible, into the protocols themselves. This talk shows how some principles that have already been used to make protocols more resistant to denial of service can be formalized, and indicates the ways in which existing cryptographic protocol analysis tools could be modified to operate within this framework.
About the SpeakerCatherine Meadows is head of the Formal Methods Section in the Center for High Assurance Computer Systems at the Naval Research Laboratory She has published more than 50 papers on formal methods, cryptography, and security. Her research interests include the application of formal methods to computer security, in particular to the evaluation of cryptographic protocols and distributed systems. She has also been involved in the organization of numerous conferences on security and reliability, having been program chair of the Computer Security Foundations Workshop, the IEEE Symposium on Security and Privacy, the IEEE Symposium on High Assurance System Engineering, and the Sixth IFIP Working Conference on Dependable Computing for Critical Applications. She is also a founding member of IFIP Working Group 1.7 on Foundations of Security Analysis and Design. Prior to coming to NRL, she was an assistant professor of mathematics at Texas A&M University from 1981-1985. Dr. Meadows received a B.A. in mathematics from the University of Chicago in 1975 and a Ph.D. in mathematics from the University of Illinois in 1981.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.