We describe a new inconsistent case which is susceptible to occur while producing consistent answer set using prioritized default logic. We define new semantics for prioritized default logic in order to solve this problem. There is a sign difference between General and Extended logic programs. Extended logic programs are formulated using classical negation, For this reason, an inconsistent answer set can sometimes be produced. For the most part, default reasoning semantics successfully resolved this problem, but a conflict could still arise in one particular case. The purpose of this paper is to present this eventuality, and revise the semantics of default logic in order to give an answer to this problem.

Authentication server based security protocols are mainly used for enhancing security of wireless networks. In this paper, we specify RADIUS security protocol in wireless networks with Casper and CSP, and then verify their security properties such as secrecy and authentication using FDR. We also show that RADIUS protocol is vulnerable to the man-in-the-middle attack. In addition, we discuss its security weakness and potential countermeasures related with RADIUS. Finally, we fix it and propose a modified RADIUS protocol against the man-in-the-middle attack.

The security of a software program critically depends on the prevention of vulnerabilities in the source code; however, conventional computer programs lack the ability to identify vulnerable code in another program. Our research was aimed at developing a technique capable of generating substitution code for the detection of buffer overflow vulnerability in C/C++ programs. The technique automatically verifies and sanitizes code instrumentation by comparing the result of each candidate variable with that expected from the input data. Our results showed that statements containing buffer overflow vulnerabilities could be detected and prevented by using a substitution variable and by sanitizing code vulnerabilities based on the size of the variables. Thus, faults can be detected prior to execution of the statement, preventing malicious access. Our approach is particularly useful for enhancing software security monitoring, and for designing retrofitting techniques in applications.

The algebra of communicating shared resources (ACSR) is a timed process algebra which extends classical process algebras with the notion of a resource. In analyzing ACSR models, the existing techniques such as bisimulation checking and Hennessy-Milner Logic (HML) model checking are very important in theory of ACSR, but they are difficult to use for large complex system models in practice. In this paper, we suggest a framework to verify ACSR models against their requirements described in an expressive timed temporal logic. We demonstrate the usefulness of our approach with a real world case study.

In this paper, we analyze existing vulnerabilities in handover for mobile WiMAX networks. To overcome these vulnerabilities, we propose a secure handover protocol that guarantees mutual authentication and forward/backward secrecy in handover. We present a formal analysis of our protocol using a logic-based formal method.

Analyzing the schedulability of hierarchical real-time systems is difficult because of the systems' complex behavior. It gets more complicated when shared resources or dependencies among tasks are included. This paper introduces a framework based on UPPAAL that can analyze the schedulability of hierarchical real-time systems.

We propose a user authentication scheme with user anonymity for wireless communications. Previous works have some weaknesses such as (1) user identity can be revealed from the login message, and (2) after a smart card is no longer valid or is expired, users having the expired smart cards can generate valid login messages under the assumption that the server does not maintain the user information. In this letter, we propose a new user authentication scheme for providing user anonymity. In the proposed scheme, the server is capable of detecting forged login messages by users having only expired smart cards and their passwords without storing user information on the server.

SDN (Software-Defined Networking) enables software applications to program individual network devices dynamically and therefore control the behavior of the network as a whole. Incomplete programming and/or inconsistency with the network policy of SDN software applications may lead to verification issues. The objective of this paper is to describe the formal modeling that uses the process algebra called pACSR and then suggest a method to verify the firewall application running on top of the SDN controller. The firewall rules are translated into a pACSR process which acts as the specification, and packet's behaviors in SDN are also translated to a pACSR process which is a role as the implementation. Then we prove the correctness by checking whether the parallel composition of two pACSR processes is deadlock-free. Moreover, in the case of network topology changes, our verification can be directly applied to check whether any mismatches or inconsistencies will occur.