Security Vulnerabilities in Protocols

Slides:



Advertisements
Similar presentations
Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.
Advertisements

Colombo, Sri Lanka, 7-10 April 2009 Preferential Telecommunications Service Access Networks Lakshmi Raman, Senior Staff Engineer Intellectual Ventures.
Cloud computing security related works in ITU-T SG17
 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.
Lecture 1: Overview modified from slides of Lawrie Brown.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Lucent Technologies - Proprietary 27 September, A look at security of Voice over IP protocols Irene Gassko Lucent Technologies Bell Laboratories.
Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
Network Protocols UNIT IV – NETWORK MANAGEMENT FUNDAMENTALS.
Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.
VoIP security : Not an Afterthought. OVERVIEW What is VoIP? Difference between PSTN and VoIP. Why VoIP? VoIP Security threats Security concerns Design.
Prepared by: Dinesh Bajracharya Nepal Security and Control.
1.1 What is the Internet What is the Internet? The Internet is a shared media (coaxial cable, copper wire, fiber optics, and radio spectrum) communication.
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
Network Security Lecture 9 Presented by: Dr. Munam Ali Shah.
UNIVERSITY OF PATRAS Department of Electrical & Computer Engineering Wireless Telecommunications Laboratory M. Tsagkaropoulos “Securing.
Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.
Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.
Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.
1 Smart Grid Cyber Security Annabelle Lee Senior Cyber Security Strategist Computer Security Division National Institute of Standards and Technology June.
Security Policies and Procedures. cs490ns-cotter2 Objectives Define the security policy cycle Explain risk identification Design a security policy –Define.
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
Information Security What is Information Security?
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.
1 OFF SYMB - 12/7/2015 Firewalls Basics. 2 OFF SYMB - 12/7/2015 Overview Why we have firewalls What a firewall does Why is the firewall configured the.
MWIF Confidential MWIF-Arch Security Task Force Task 5: Security for Signaling July 11, 2001 Baba, Shinichi Ready for MWIF Kansas.
Role Of Network IDS in Network Perimeter Defense.
1 Network Security: Introduction Behzad Akbari Fall 2009 In the Name of the Most High.
Lecture1.1(Chapter 1) Prepared by Dr. Lamiaa M. Elshenawy 1.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
By Ramesh Mannava.  Overview  Introduction  10 secure software engineering topics  Agile development with security development activities  Conclusion.
ASHRAY PATEL Protection Mechanisms. Roadmap Access Control Four access control processes Managing access control Firewalls Scanning and Analysis tools.
Department of Computer Science Introduction to Information Security Chapter 7 Activity Security Assessment Semester 1.
Lab #2 NET332 By Asma AlOsaimi.
CS457 Introduction to Information Security Systems
Securing Information Systems
Advanced Penetration testing
Firmware threat Dhaval Chauhan MIS 534.
CSCE 548 Secure Software Development Risk-Based Security Testing
Computer Networks.
Wireless Network Security
Host of Troubles : Multiple Host Ambiguities in HTTP Implementations
CSCE 548 Secure Software Development Test 1 Review
ATIS Cybersecurity DOCUMENT #: GSC13-GTSC6-12 FOR: Presentation
Firewalls.
Year 10 ICT ECDL/ICDL IT Security.
Advanced Penetration testing
CompTIA Security+ Study Guide (SY0-401)
SECURITY MECHANISM & E-COMMERCE
CONFIDENTIALITY, INTEGRITY, LEGAL INTERCEPTION
Chapter 19: Building Systems with Assurance
SECURING WIRELESS LANS WITH CERTIFICATE SERVICES
Chapter 8: Monitoring the Network
draft-ipdvb-sec-01.txt ULE Security Requirements
INFORMATION SYSTEMS SECURITY and CONTROL
Security.
Privacy Recommendation PAR Proposal
Intrusion Detection system
Information Assurance & Network Security Certificate
ITU-T Workshop on Security, Seoul (Korea), May 2002
Operating System Concepts
Introduction to Cryptography
Module 4 System and Application Security
Presentation transcript:

Security Vulnerabilities in Protocols Dr. Greg Shannon Security Standards Manager Lucent Technologies

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 Thesis Standards bodies have a unique ability and responsibility to address security vulnerabilities in protocols. There are immediate and relatively simple actions standards bodies can take to improve the security of all protocols currently being standardized. ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 Outline Security Vulnerability Basics Types & Examples of Security Vulnerabilities in Protocols Recommendations for Standards Bodies ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

What Is a Security Vulnerability? A security vulnerability is: A flaw or weakness in a system’s design, implementation or operation that could be exploited to violate the system’s security (RFC 2828). A security vulnerability is not: a risk, a threat, or an attack. ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

Vulnerabilities, Threats and Risks A security vulnerability combined with a security threat creates a security risk. Vulnerability + Threat  Risk Example: Overflow Bug + Hacker Knowledge & Tools & Access  Risk of Webserver Attack ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

The High-Impact of Protocol Security Vulnerabilities Threats change, but security vulnerabilities exist throughout the life of a protocol. With standardized protocols, protocol-based security risks can be very large – global in scale. ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 Outline Security Vulnerability Basics Types & Examples of Security Vulnerabilities in Protocols Recommendations for Standards Bodies ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

Protocol Security Vulnerability Types Threat Model New threats from those originally considered. SS7 Design & Specification Errors make the protocol inherently vulnerable. BGP Implementations Errors create unexpected vulnerabilities. SNMP, ASN.1, BER Usage & Configuration Improper usage opens or magnifies security vulnerabilities. 802.11b, BGP ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

A Simple Protocol Vulnerability Model Security Vulnerabilities Security Threats Security Risks Hackers Insiders Terrorists Vandals Organized crime State sponsored Data loss Data corruption Privacy loss Fraud Down-time Public loss of confidence Confusion Threat Model +  Design & Specification Implementation Operations & Configuration ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 New Threat Model SS7 Old Model Designed for a closed network of well-known service providers of fixed services. No interface to IP-based networks. Software extensively tested. New Model Rogue providers may be malicious. Software and protocols for new services may be poorly tested or a poor fit with SS7. Network convergence puts IP interfaces on SS7-capable elements. ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

Design & Specification Errors BGP (RFC1771) Design implies an ASN of 0 is illegal. Specification allows 0 (and 65535). What happens when an ASN of 0 is advertised? Different implementations probably handle this differently. Such protocol inconsistencies are at the root of many attacks on specific implementations. ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

Implementation Errors SNMP, ASN.1, BER SNMP security depends on proper parsing of ASN.1 and BER. Some ASN.1 and BER parsers are not robust and make mistakes or allow buffer overflows. Limited specifics on SNMP error handling lead to unpredictable behaviors across implementations. ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

Usage or Configuration Errors 802.11b, BGP In 802.11b, a stream cipher is misused so that there is very little privacy protection. 802.11b operators often turn off even the basic security features. BGP operators turn off the authentication mechanisms. Errors and rogue messages can then easily propagate through core networks. ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 Lessons Learned Standards bodies have accepted protocols with serious vulnerabilities. Security depends on the whole protocol. Protocol vulnerabilities last a long time. Threats change over time. Implicit assumptions are often violated. Application layer protocols also have security vulnerabilities. Inattention to security issues creates vulnerable protocols. ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 Outline Security Vulnerability Basics Types & Examples of Security Vulnerabilities in Protocols Recommendations for Standards Bodies ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

Recommendations for Discussion Openly discuss with security experts the security algorithms and mechanisms used in protocols. Establish simple but effective security guidelines for protocol authors. Initiate a systematic root-cause study of protocol vulnerabilities. ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

Open Security Discussions The security community has learned that two elements improve security: Exposure of the details to a wide audience Time to analyze and discuss the details. Secrecy does not improve security. Standards bodies should promote: Open discussion of security algorithms and mechanisms. Engagement with security experts on every standard. ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

Security Guidelines for Protocol Authors Early attention to security is best. Guidelines provide a way to quickly improve the process. Standards bodies should issue guidelines in four areas for all protocol authors: Specify Threat Models Protocol Designs & Specifications Secure Implementation Issues Operational & Configuration Issues ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

Example Protocol Guidelines I Threat Model What is the initial model? What are the security assumptions? What is the trust model? Design & Specification Address unexpected messages. Anticipate DoS attacks. Limit data in debugging messages. Fully specify state machines ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

Example Protocol Guidelines II Implementation Fully specify error handling for malformed or unexpected messages. Separate processing for signaling and traffic when possible. Operations & Configuration How robust is the protocol when all security features are turned off? Provide guidelines to vendors and operators for new protocol versions. ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 Root-Cause Analysis Incident analysis usually focuses on threat reduction and prosecution. The root cause(s) of an enabling vulnerability are usually not found. Standards bodies should: Systematically analyze the root causes of serious protocol vulnerabilities. Understand how their decisions and processes produce security vulnerabilities. ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 Summary Security vulnerabilities in important protocols have created serious security risks that were avoidable. Standards bodies should: Promote open security discussions. Provide protocol security guidelines. Identify root causes of vulnerabilities. ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 Contact Information Dr. Greg Shannon Please contact me about: Other work in this area Further discussion of this material Examples of protocol vulnerabilities Email: Greg.Shannon@lucent.com Phone: 1-614-860-4517 Mail: 6100 East Broad Street, Columbus, Ohio, 43212, USA ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 Acronyms & References 802.11b – IEEE Wireless Local Area Network Standard BGP – Border Gateway Protocol Version DoS - Denial of Service (attack) IETF – Internet Engineering Task Force IEEE - Institute of Electronic and Electrical Engineers IP – Internet Protocol MPLS – Multi-protocol Label Switching SNMP – Simple Network Management Protocol SS7 – Signaling System #7 IETF ID draft-rescorla-sec-cons-05.txt, Guidelines for Writing RFC Text on Security Considerations IETF RFC #2828, Internet Security Glossary Lorenz, Moore, Manes, Hale, Shenoi. “Securing SS7 Telecommunications Networks.” Proceedings of the 2001 IEEE Workshop on Information Assurance and Security. Sharp. Principles of Protocol Design. Prentice Hall, 1995. ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 25.12.2018

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.