Author: Vasserman Eugene
Publisher: Springer Publishing Company
ISSN: 1615-5262
Source: International Journal of Information Security (IJIS), Vol.8, Iss.2, 2009-04, pp. : 121-135
Disclaimer: Any content in publications that violate the sovereignty, the constitution or regulations of the PRC is not accepted or approved by CNPIEC.
Abstract
Port knocking is a technique to prevent attackers from discovering and exploiting vulnerable network services, while allowing access for authenticated users. Unfortunately, most work in this area suffers from a lack of a clear threat model or motivation. To remedy this, we introduce a formal security model for port knocking, show how previous schemes fail to meet our definition, and give a provably secure scheme. We also present SilentKnock, an implementation of this protocol that is provably secure under the assumption that AES and a modified version of MD4 are pseudorandom functions, and integrates seamlessly with existing applications.
Related content
By Alimhan Keylan Inaba Hiroshi
International Journal of Modelling, Identification and Control, Vol. 5, Iss. 1, 2008-12 ,pp. :
Hunting for undetectable metamorphic viruses
By Lin Da
Journal in Computer Virology, Vol. 7, Iss. 3, 2011-08 ,pp. :
A provably complete exploration strategy by constructing Voronoi diagrams
By Kim Jonghoek
Autonomous Robots, Vol. 29, Iss. 3-4, 2010-11 ,pp. :