cispa_all_3475.pdf (436.15 kB)

On the Soundness of Infrastructure Adversaries

Download (436.15 kB)
conference contribution
posted on 2023-11-29, 18:17 authored by Alexander DaxAlexander Dax, Robert KünnemannRobert Künnemann
Companies and network operators perform risk assessment to inform policy-making, guide infrastructure investments or to comply with security standards such as ISO 27001. Due to the size and complexity of these networks, risk assessment techniques such as attack graphs or trees describe the attacker with a finite set of rules. This characterization of the attacker can easily miss attack vectors or overstate them, potentially leading to incorrect risk estimation. In this work, we propose the first methodology to justify a rule-based attacker model. Conceptually, we add another layer of abstraction on top of the symbolic model of cryptography, which reasons about protocols and abstracts cryptographic primitives. This new layer reasons about Internet-scale networks and abstracts protocols. We show, in general, how the soundness and completeness of a rule-based model can be ensured by verifying trace properties, linking soundness to safety properties and completeness to liveness properties. We then demonstrate the approach for a recently proposed threat model that quantifies the confidentiality of email communication on the Internet, including DNS, DNSSEC, and SMTP. Using off-the-shelf protocol verification tools, we discover two flaws in their threat model. After fixing them, we show that it provides symbolic soundness.


Preferred Citation

Alexander Dax and Robert Künnemann. On the Soundness of Infrastructure Adversaries. In: IEEE Computer Security Foundations Symposium (CSF). 2021.

Primary Research Area

  • Reliable Security Guarantees

Name of Conference

IEEE Computer Security Foundations Symposium (CSF)

Legacy Posted Date


Open Access Type

  • Green


@inproceedings{cispa_all_3475, title = "On the Soundness of Infrastructure Adversaries", author = "Dax, Alexander and Künnemann, Robert", booktitle="{IEEE Computer Security Foundations Symposium (CSF)}", year="2021", }

Usage metrics


    No categories selected


    Ref. manager