CONTRA Camouflage of Network Traffic to Resist Attack (Intrusion Tolerance Using Masking, Redundancy and Dispersion) DARPA OASIS PI Meeting – Hilton Head.

CONTRA: Camouflage of Network Traffic to Resist Attack (Intrusion Tolerance Using Masking, Redundancy and Dispersion)
DARPA OASIS PI Meeting – Hilton Head – March 12-15, 2002
Janet Lepanto, William Weinstein, The Charles Stark Draper Laboratory, Inc.; Aegis Research Corporation

DDoS Flooding Attack is Analogous to Jamming
- Jamming: the jammer concentrates energy at a particular frequency and location. Jamming defenses: frequency hopping, energy dispersion.
- DDoS flood: the attacker directs traffic against a particular IP address. Flooding defenses: IP address masking, IP address hopping, IP identity dispersion.

Key Ideas
- Spread the identity of a server across multiple IP addresses
- Add redundancy to each message, and send a portion of each message to each of the IP addresses of the server
- If some of the addresses are flooded, that traffic can be dropped; the messages can be reconstructed from the remaining traffic
- Prevent an attacker from associating a set of addresses with a particular server
- Force the attacker to dilute the attack by spreading the flood across randomly chosen sets of IP addresses

Assumptions
- CONTRA system comprises a set of cooperating hosts that communicate among themselves over the Internet
- Servers could be made available to outsiders by designating some of the clients as gateways
- Attacker attempts to determine the address(es) of a high value target:
  - by monitoring traffic at one or more accessible points of the Internet
  - by analyzing communication patterns
- Attacker can use public data to determine IP block assignments
- Attacker knows the organization that is communicating
- Pipes have sufficient capacity to accommodate the total traffic

Approach
- Leverage selected aspects of:
  - VPNs
  - Anonymity systems
  - Fault-tolerant communications
- Consider ease of deployment:
  - Implement as a communications proxy on top of UDP
  - Redundancy in messages provides reliability
  - Real source IP addresses can be masked
- Structure protocols to support:
  - Continuous operation through attack
  - Distribution of reconfiguration information
  - Monitoring of attack progress
  - Extension to mitigate "insider" attacks

Implementation
Messages are sent from a source to a destination host as follows:
- Messages are encoded with redundancy and divided into N parts, any K<N of which can be used to recover the message
- The N parts are sent over different paths, each of which contains at least one relay host that functions as a mix
- The N parts of the message are dispersed across all of the IP addresses that define the destination host
- The "real" IP addresses of the source and destination, and the message content, are encrypted; only the IP addresses of individual hops are exposed
- A virtual network topology can be chosen that exposes only a portion of the system's IP addresses to an attacker sniffing at a single point

Message Encoding (diagram)
- Origin host: the message X = (M1, M2, M3) is multiplied by a predetermined transformation T (rows T11..T53, five rows of three) to produce the parts Z1..Z5
- Network: the parts travel through a relay host; not all of them need to arrive
- Destination host with multiple IP addresses: from the parts that arrive (Z1, Z3, Z4 in the diagram), SELECT the matching rows 1, 3, 4 of T, invert that square sub-matrix, and recover X = (M1, M2, M3)
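As an added illustration of the K-of-N encoding in the Implementation and Message Encoding slides (not CONTRA's own code): the predetermined transformation is a 5x3 Vandermonde matrix over GF(257), so any 3 of the 5 parts suffice; the field, the matrix and the sample message are constructed here, and parts bound for flooded addresses are simply dropped before recovery.

```python
# Added example: K-of-N message dispersal as described on the CONTRA slides.
# Not CONTRA's code; the field, transformation matrix and message are constructed.
P = 257  # prime modulus; each message byte is treated as one field element


def make_transform(n, k):
    """N x K Vandermonde matrix over GF(P): any K rows form an invertible matrix."""
    return [[pow(i + 1, j, P) for j in range(k)] for i in range(n)]


def encode(block, T):
    """Z = T * X: one output symbol (one message part) per row of T."""
    return [sum(t * x for t, x in zip(row, block)) % P for row in T]


def solve_mod(A, b):
    """Solve A * x = b over GF(P) by Gauss-Jordan elimination (A is K x K)."""
    k = len(A)
    M = [row[:] + [bi] for row, bi in zip(A, b)]
    for c in range(k):
        piv = next(r for r in range(c, k) if M[r][c])  # exists: A is invertible
        M[c], M[piv] = M[piv], M[c]
        inv = pow(M[c][c], P - 2, P)
        M[c] = [v * inv % P for v in M[c]]
        for r in range(k):
            if r != c and M[r][c]:
                f = M[r][c]
                M[r] = [(vr - f * vc) % P for vr, vc in zip(M[r], M[c])]
    return [M[r][k] for r in range(k)]


def decode(received, T, k):
    """received maps row index -> Z_i for at least K rows ("SELECT" on the slide)."""
    rows = sorted(received)[:k]
    return solve_mod([T[i] for i in rows], [received[i] for i in rows])


def disperse_and_recover(message, n, k, flooded):
    """Encode each K-byte block into N parts (one per destination address),
    drop the parts sent to flooded addresses, and rebuild the message."""
    T = make_transform(n, k)
    padded = message + b"\0" * (-len(message) % k)
    out = []
    for i in range(0, len(padded), k):
        parts = encode(list(padded[i:i + k]), T)
        survivors = {addr: z for addr, z in enumerate(parts) if addr not in flooded}
        if len(survivors) < k:
            raise ValueError("fewer than K parts survived the flood")
        out.extend(decode(survivors, T, k))
    return bytes(out)[:len(message)]
```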

CONTRA Packet Structure
- IP Header
- Transport Header
- CONTRA Header (encrypted between hops), containing:
  - Real source IP/port
  - Real destination IP/port
  - K-of-N encoding
  - Message segment number
  - Padding
  - Source/relay host status
  - Vnet configuration status
- Payload (encrypted source-to-destination)

Message Relay (diagram: Source -> Relay Host -> Destination)

Relay Operations
- Decrypt CONTRA header
- Extract real destination
- Change padding
- Re-encrypt with key of next hop
- Mix

Server IP Address Assignments (diagram: client and server sites connected through the Internet via a site router)
- Server listens on M >= N addresses
- K<N parts needed to rebuild message

Challenges
- Robustness of traffic mixing
- Minimum level of traffic
- "Insider" attacks:
  - Clients are users as well as relays
  - The CONTRA proxy on the client needs to know the real addresses of CONTRA destinations
  - Need to protect this information