Abstract
Security protocols have been widely used to safeguard secure electronic transactions. We usually assume that principals are credible and will not maliciously disclose their individual secrets to someone else. Nevertheless, it is impractical to completely ignore the possibility that some principals may collude in private to achieve a fraudulent or illegal purpose.
Collusion attack has been recognized as a key issue in e-commerce systems and increasingly attracted people’s attention for quite some time in the literature on information security. Regardless of the wide application of security protocols, this attack has been largely ignored in the protocol analysis. There is a lack of efficient and intuitive approaches to identify this attack since it is usually hidden and too complicated to find. Therefore, it is critical to address the possibility of collusion attacks in order to analyse security protocols correctly. This chapter presents two frameworks by which to detect collusion attacks in security protocols. The possibility of security threats from insiders is especially taken into account. The results demonstrate that the frameworks are useful and promising in discovering and preventing collusion attacks, and enhancing the protocol analysis.
This chapter is organized as follows. Section 7.1 spells out our motivation to detect the collusion attack. Section 7.2 gives an overview to related work. In Section 7.3, we present the detection of collusion attack using data mining. The detection of collusion attack is converted into identifying frequent itemsets and matching rules. Section 7.4 presents a model by which to measure the probability of the attack using Bayesian networks. It helps users find the direct and indirect dependencies between secure messages. Section 7.5 concludes this chapter.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Chen, Q., Zhang, C., Zhang, S. (2008). Detection Models of Collusion Attacks. In: Secure Transaction Protocol Analysis. Lecture Notes in Computer Science, vol 5111. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85074-8_7
Download citation
DOI: https://doi.org/10.1007/978-3-540-85074-8_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-85073-1
Online ISBN: 978-3-540-85074-8
eBook Packages: Computer ScienceComputer Science (R0)