March 2009 (IETF 74)IETF - P2PRG1 Security Issues and Solutions in Peer-to- peer Systems for Real-time Communications draft-schulzrinne-p2prg-rtc-security-00.

Slides:

Advertisements

Similar presentations

The Sybil Attack in Sensor Networks: Analysis & Defenses J. Newsome, E. Shi, D. Song and A. Perrig IPSN’04.

Advertisements

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Scope Discussion Seems to be a good deal of interest in moving this toward a working group If we want to work toward this, we need to have a clearly defined.

1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.

TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems Aameek Singh and Ling Liu Presented by: Korporn Panyim.

September 19, 2006speermint interim1 VoIP Threats and Attacks Alan Johnston.

Content  Overview of Computer Networks (Wireless and Wired)  IP Address, MAC Address and Workgroups  LAN Setup and Creating Workgroup  Concept on.

Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Security Awareness: Applying Practical Security in Your World

Paul Solomine Security of P2P Systems. P2P Systems Used to download copyrighted files illegally. The RIAA is watching you… Spyware! General users become.

The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.

March 2008IETF 71 (Philadelphia) - RUCUS1 SPIT architectural issues Henning Schulzrinne Columbia University (based partially on draft-tschofenig-sipping-framework-spit-reduction-03)

The problems associated with operating an effective anti-spam blocklist system in an increasingly hostile environment. Robert Gallagher September 2004.

Secure routing for structured peer-to-peer overlay networks (by Castro et al.) Shariq Rizvi CS 294-4: Peer-to-Peer Systems.

Reliability and Relay Selection in Peer- to-Peer Communication Systems Salman A. Baset and Henning Schulzrinne Internet Real-time Laboratory Department.

Peer-to-peer approaches for SIP Henning Schulzrinne Dept. of Computer Science Columbia University.

 Structured peer to peer overlay networks are resilient – but not secure.  Even a small fraction of malicious nodes may result in failure of correct.

Rajeev Bevara CS-555 Security Threats in VoIP. What is VoIP ? ➔ VOIP - Voice Over Internet Protocol. ➔ Delivery of voice communications and multimedia.

A distributed Search Service for Peer-to-Peer File Sharing in Mobile Applications From U. of Dortmund, Germany.

SocialFilter: Introducing Social Trust to Collaborative Spam Mitigation Michael Sirivianos Telefonica Research Telefonica Research Joint work with Kyungbaek.

Botnets Uses, Prevention, and Examples. Background Robot Network Programs communicating over a network to complete a task Adapted new meaning in the security.

ECRIT interim meeting - May Security Threats and Requirements for Emergency Calling draft-tschofenig-ecrit-security-threats Hannes Tschofenig Henning.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.

Threat Modeling for Cloud Computing (some slides are borrowed from Dr. Ragib Hasan) Keke Chen 1.

1 Measurements and Mitigation of Peer-to-Peer-based Botnets: A Case Study on Storm Worm T. Holz, M. Steiner, F. Dahl, E. Biersack, and F. Freiling - Proceedings.

On the Design of Autonomic, Decentralized VPNs David Wolinsky, Kyungyong Lee, Oscar Boykin, and Renato Figueiredo ACIS P2P Group University of Florida.

B OTNETS T HREATS A ND B OTNETS DETECTION Mona Aldakheel

Defeating Vanish with Low-Cost Sybil Attacks Against Large DHTs The University of Michigan Scott Wolchok J. Alex Halderman The University of Texas at Austin.

 Collection of connected programs communicating with similar programs to perform tasks  Legal  IRC bots to moderate/administer channels  Origin of.

Trusted Computing, Peer-To-Peer Distribution, and the Economics of Pirated Entertainment Peter Scott Based on paper by S. E. Schechter, R. A. Greenstadt,

MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.

An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Authors: A. Boukerche, K. El-Khatib, L. Xu, L. Korba.

Peer to Peer Research survey TingYang Chang. Intro. Of P2P Computers of the system was known as peers which sharing data files with each other. Build.

Bots Used to Facilitate Spam Matt Ziemniak. Discuss Snort lab improvements Spam as a vehicle behind cyber threats Bots and botnets What can be done.

Grid Appliance – On the Design of Self-Organizing, Decentralized Grids David Wolinsky, Arjun Prakash, and Renato Figueiredo ACIS Lab at the University.

P2P SIP Names & Security Cullen Jennings

VoIP Security in Service Provider Environment Bogdan Materna Chief Technology Officer Yariba Systems.

Firewall Technologies Prepared by: Dalia Al Dabbagh Manar Abd Al- Rhman University of Palestine

Peer to Peer Networks November 28, 2007 Jenni Aaker David Mize.

Peer-to-Peer Name Service (P2PNS) Ingmar Baumgart Institute of Telematics, Universität Karlsruhe IETF 70, Vancouver.

Week 10-11c Attacks and Malware III. Remote Control Facility distinguishes a bot from a worm distinguishes a bot from a worm worm propagates itself and.

An analysis of Skype protocol Presented by: Abdul Haleem.

1 SOS: Secure Overlay Services A. D. Keromytis V. Misra D. Runbenstein Columbia University.

Computer Networking P2P. Why P2P? Scaling: system scales with number of clients, by definition Eliminate centralization: Eliminate single point.

SybilGuard: Defending Against Sybil Attacks via Social Networks.

KAIS T SIGF : A Family of Configurable, Secure Routing Protocols for WSNs Sep. 20, 2007 Presented by Kim, Chano Brian Blum, Tian He, Sang Son, Jack Stankovic.

SIPeerior Technologies A superior way to connect Emerging IETF Standards Work on P2PSIP David A. Bryan.

Protocol Requirements draft-bryan-p2psip-requirements-00.txt D. Bryan/SIPeerior-editor S. Baset/Columbia University M. Matuszewski/Nokia H. Sinnreich/Adobe.

Measurements and Mitigation of Peer-to-peer Botnets: A Case Study on Storm Worm Thorsten Holz, Moritz Steiner, Frederic Dahl, Ernst Biersack, Felix Freiling.

DHCP Vrushali sonar. Outline DHCP DHCPv6 Comparison Security issues Summary.

The eXtensible Peer Protocol (XPP) Emil Ivov - Enrico Marocco –

7/11/2005ECRIT Security Considerations1 ECRIT Security Considerations draft-taylor-ecrit-security-threats-00.txt Henning Schulzrinne, Raj Shanmugam, Hannes.

1 Integrated Site Security Project Denise Heagerty CERN 22 May 2007.

March 2008IETF 71 (P2PSIP)1 Data types in P2P systems Henning Schulzrinne Columbia University.

 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.

SOSIMPLE: A Serverless, Standards- based, P2P SIP Communication System David A. Bryan and Bruce B. Lowekamp College of William and Mary Cullen Jennings.

1 Anonymity. 2 Overview  What is anonymity?  Why should anyone care about anonymity?  Relationship with security and in particular identification 

Innovations in P2P Communications David A. Bryan College of William and Mary April 11, 2006 Advisor: Bruce B. Lowekamp.

1Security for Service Providers – Dave Gladwin – Newport Networks – SIP ’04 – 22-Jan-04 Security for Service Providers Protecting Service Infrastructure.

Threat Modeling for Cloud Computing

Peer to peer Internet telephony challenges, status and trend

P2P Streaming for Mobile Nodes: Scenarios and Related Issues

Peer-to-peer SIP Ad-hoc meeting

Hannes Tschofenig Henning Schulzrinne M. Shanmugam

Distributed Peer-to-peer Name Resolution

Data types in P2P systems

Peer-to-peer SIP Ad-hoc meeting

Presentation transcript:

March 2009 (IETF 74)IETF - P2PRG1 Security Issues and Solutions in Peer-to- peer Systems for Real-time Communications draft-schulzrinne-p2prg-rtc-security-00 Henning Schulzrinne Enrico Marocco Emil Ivov

Overview Attacker motivations Attacker resources P2P for real-time (vs. file sharing) –more than just a DHT March 2009 (IETF 74)IETF - P2PRG2

Attacker motivations Disrupt communications –extortion, dislike, political, … –incumbent operator? Financial gain –impersonation –theft of service –spamming (SPIT) Fun & fame March 2009 (IETF 74)IETF - P2PRG3

Attacker resources Identities: –IP addresses if used for DHT position user subscription limitations –mobile phone #’s – addresses, … Computational resources –botnets make proof-of-work largely useless March 2009 (IETF 74)IETF - P2PRG4

Attack timing March 2009 (IETF 74)IETF - P2PRG5 go rogue Behave & acquire good reputation Join

Review: P2P for real-time Map names to other identifiers  Provide (computational) services –proxying (registration, services) –relaying (NAT traversal) Store data –configuration data –voic March 2009 (IETF 74)IETF - P2PRG6

File sharing vs. real time File sharingReal-time Distributed databasefile location hundreds or thousands per user User locations: one per user Availabilitysame file, hundreds of copies each user is unique Integritypoison file store with bogus material  but no direct threat to user impersonate user  compromise user communication integrity ConfidentialityFiles are public (may want to hide origin) Communications is private (src/dest & content) March 2009 (IETF 74)IETF - P2PRG7

Admission control Goal: keep rogue percentage low –allows detection, voting, bypassing Group charter + group authority –authority certifies candidates compliance with charter –central authority or voting how practical in semi-anonymous systems? what information can votes be based on? ballot stuffing by compromised nodes Use CAPTCHA to reduce impact of bots RELOAD (and Skype) uses central authority March 2009 (IETF 74)IETF - P2PRG8

Position in overlay Sybil attacks do not depend on identifier –but preventing nodes from choosing location randomizes attacks IP address or identifier provided by central authority –IP address doesn’t work well for NATed devices –Allows attacker more choice Use temporary identifiers? –randomizes attack targets Use diametrically opposed IDs to avoid local collusion –rogue nodes can add neighbors March 2009 (IETF 74)IETF - P2PRG9

Identifying malicious peers Proactive –use test cases to detect misbehavior –“mystery shopper” Reactive –detect and report misbehavior Reputation management –mostly investigated for file sharing –difficult to prevent another denial-of-service attacks of rogue nodes –transitive trust March 2009 (IETF 74)IETF - P2PRG10

Real-time services are different Don’t need everyone to be a peer –just enough resources to get job done –just increases routing latency (log(N)) –increases chances of corruption Typically, promote nodes from clients to peers –use invitation, rather than self-promotion –based on uptime, resources, public IP address, geographic need Why would a client want to become peer? –Skype: closed  (almost) no choice –Open systems: incentives  randomized promotion for sybil prevention March 2009 (IETF 74)IETF - P2PRG11

Attack Denial of service –black hole signaling or media –fictitious error responses (“no such number”) –use iterative routing – getting closer? Integrity of location bindings –Identity-based crypto  non-intuitive identifiers Integrity of content (voice mail, …) –generally, only inserter needs access March 2009 (IETF 74)IETF - P2PRG12

Summary (& my take) P2P systems for real-time applications ≠ file sharing –more than just key  value mapping Identity scarcity is crucial –leverage existing hard-to-clone identities Reputation systems are unlikely to work –either central entity knows “good guys” –or they all look the same Avoiding centralization at all cost may not matter for real- time services –typically, don’t have Napster/PirateBay problem March 2009 (IETF 74)IETF - P2PRG13