Privacy-Preserving Cross-Domain Network Reachability Quantification

Presentation transcript:

Privacy-Preserving Cross-Domain Network Reachability Quantification
Fei Chen, Computer Science and Engineering, Michigan State University
Joint work with Bezawada Bruhadeshwar and Alex X. Liu

Background
- Network reachability can be defined as: what packets can pass through a given network path.
- Network reachability quantification is very important for
  - understanding end-to-end network behavior
  - detecting violations of security policies
[Figure: Business Network 1 -- Internet -- Home Network 2]

Motivation (1/2)
- Many solutions have been proposed to quantify network reachability.
- The main assumption of these solutions: all the reachability information from the network devices is known.
- Collecting such information could be very difficult, due to privacy and security concerns.
[Figure: path User1 -- S1 -- FW1 -- R1 -- FW2 -- FW3 -- FW4 -- S2 -- User2 across Subnet1, the ISP and Subnet2; legend: Firewall, Router, Switches]

Motivation (2/2)
[Figure: the same path User1 -- S1 -- FW1 -- R1 -- FW2 -- FW3 -- FW4 -- S2 -- User2 across Subnet1, the ISP and Subnet2]
- Can we achieve the two following goals at the same time?
  - Quantify the network reachability for a given path, and
  - Preserve the privacy of reachability information belonging to different parties.

Problem Statement
- Assumption
  - For each party, the reachability information is converted to an ACL
    - Static reachability information
    - Employ the network reachability approach of [Khakpour et al., 2010]
- Let M(A) denote the set of packets that are accepted by ACL A
- We aim to design a privacy-preserving protocol which
  - Enables User1 to compute M(A1) ∩ M(A2) ∩ M(A3)
  - Ensures that no party can learn the ACLs of the other parties

Threat Model
- We consider the semi-honest model
  - Each party must follow our protocol correctly
    - Input its ACL to our protocol without cheating
    - Follow the process of our protocol
  - Each party may try to learn the ACL rules of other parties
    - Analyze the intermediate messages when running the protocol

Related Work
- Probing: the current practice of verifying reachability
  - Expensive to quantify network reachability, because it needs to generate and send a significant amount of packets
  - Inaccurate: e.g., it cannot probe open ports with no server listening on them
- Network reachability quantification
  - Estimate bounds of network reachability [Xie et al. 2005, Ingols et al. 2006, Matousek et al. 2008]
  - Quantify the network reachability [Al-Shaer et al. 2009, Sung et al. 2009, Khakpour et al. 2010]
  - Major assumption is not practical: all reachability information is known
- No prior work studies privacy-preserving reachability quantification

Basic building blocks (1/2): Prefix membership verification
- P1 holds the range [3, 7]; P2 holds the number 5
- Prefix format (P1) and prefix family (P2):
  - S([3,7]) = {011, 1**}
  - T(5) = {101, 10*, 1**, ***}
- Prefix numericalization:
  - N(S([3,7])) = {0111, 1100}
  - N(T(5)) = {1011, 1010, 1100, 1000}
- If N(S([3,7])) ∩ N(T(5)) ≠ ∅, then 5 ∈ [3, 7]

Basic building blocks (2/2): Range intersection
- Suppose the domain of this field is [0, 7]; P1 holds [3, 7] and P2 holds [2, 5]
- P1 generates ranges: [0, 2], [3, 7]; P2 retrieves its boundaries: 2, 5
- P1 converts to prefix format and numericalizes: N(S([0,2])), N(S([3,7])); P2 builds prefix families and numericalizes: N(T(2)), N(T(5))
- Because
  (1) N(S([0,2])) ∩ N(T(2)) ≠ ∅, then 2 ∈ [0, 2]
  (2) N(S([3,7])) ∩ N(T(5)) ≠ ∅, then 5 ∈ [3, 7]
- From 2 ∈ [0, 2] and 5 ∈ [3, 7], we have [3, 7] ∩ [2, 5] = [3, 5]

Privacy-preserving range intersection
- Employ commutative encryption
  - For a number x, ((x)K1)K2 = ((x)K2)K1
  - For ease of presentation, let (x)K12 denote ((x)K1)K2
- P1 (key K1) holds [3, 7]; P2 (key K2) holds [2, 5]
- P1: N(S([0,2])), N(S([3,7])) -> (1) encrypted by P1, (2) encrypted by P2 -> N(S([0,2]))K12, N(S([3,7]))K12
- P2: N(T(2)), N(T(5)) -> (1) encrypted by P2, (2) encrypted by P1 -> N(T(2))K21, N(T(5))K21
- If P1 does the comparison, it can conclude that [3, 7] ∩ [2, 5] = [3, the original number of N(T(5))K21]

Range intersection of multiple parties
- P1 (K1) holds [4, 7]; P2 (K2) holds [3, 7]; P3 (K3) holds [2, 5]
- P1: N(S([0,3])), N(S([4,7])) -> encrypted by (1) P1, (2) P2, (3) P3 -> N(S([0,3]))K123, N(S([4,7]))K123
- P2: N(S([0,2])), N(S([3,7])) -> encrypted by (1) P2, (2) P3 -> N(S([0,2]))K23, N(S([3,7]))K23
- P3: N(T(2)), N(T(5)) -> encrypted by (1) P3, (2) P2 -> N(T(2))K32, N(T(5))K32
- Comparison (against P2's ranges): 3, N(T(5))K32
- Prepare for further comparison: N(T(3))K231, N(T(5))K321
- Comparison (against P1's ranges): 4, N(T(5))K321

Decryption of the comparison result
- N(T(5))K321 -> decrypt by P3 -> N(T(5))K21 -> decrypt by P2 -> N(T(5))K1 -> decrypt by P1 -> N(T(5)) -> decode -> 5
- Result: 4, 5, i.e. [4, 5] = [4, 7] ∩ [3, 7] ∩ [2, 5]
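The building blocks of the preceding slides worked through in code, as an added example that is not part of the original presentation and not the authors' implementation: prefix families and range prefixes, numericalization, the membership test, P1's range split, and the two-party protocol with a commutative cipher, followed by the decryption of the comparison result. The cipher (Pohlig-Hellman-style modular exponentiation with a Mersenne prime) and the fixed key values are assumptions chosen for illustration. The block goes slightly beyond the slides' figures: it handles a range that does not reach the top of the domain (P1's split then has a third part) and an empty intersection.

```python
# Added worked example (not from the slides): prefix membership, range
# intersection and the two-party commutative-encryption protocol.
# The cipher and all key values are assumptions chosen for illustration.
import math
import secrets

W = 3  # field width in bits; the slides use the domain [0, 7]
P = (1 << 61) - 1  # Mersenne prime, toy group for the commutative cipher (assumption)


def prefix_family(x, w=W):
    """T(x): every prefix of the w-bit number x, e.g. T(5) = {101, 10*, 1**, ***}."""
    bits = format(x, f"0{w}b")
    return {bits[:i] + "*" * (w - i) for i in range(w + 1)}


def range_to_prefixes(lo, hi, w=W):
    """S([lo, hi]): the minimal prefixes covering the range, e.g. S([3, 7]) = {011, 1**}."""
    out, x = set(), lo
    while x <= hi:
        k = 0  # grow the aligned block of size 2^k starting at x while it still fits in [x, hi]
        while k < w and x % (1 << (k + 1)) == 0 and x + (1 << (k + 1)) - 1 <= hi:
            k += 1
        head = format(x >> k, f"0{w - k}b") if k < w else ""
        out.add(head + "*" * k)
        x += 1 << k
    return out


def numericalize(prefix):
    """Prefix numericalization: append 1, then pad with 0s (10* -> 1010, *** -> 1000, 101 -> 1011)."""
    k = prefix.find("*")
    if k < 0:
        k = len(prefix)
    return int(prefix[:k] + "1" + "0" * (len(prefix) - k), 2)


def numericalize_set(prefixes):
    return frozenset(numericalize(p) for p in prefixes)


def in_range(x, lo, hi, w=W):
    """Prefix membership verification: x in [lo, hi] iff N(S([lo, hi])) and N(T(x)) overlap."""
    return bool(numericalize_set(range_to_prefixes(lo, hi, w)) & numericalize_set(prefix_family(x, w)))


def decode(nt):
    """Recover x from N(T(x)): only the full-length prefix numericalizes to an odd value."""
    return next(v for v in nt if v & 1) >> 1


def keygen():
    """A key must be invertible mod P-1 so that decryption exists."""
    while True:
        k = secrets.randbelow(P - 2) + 2
        if math.gcd(k, P - 1) == 1:
            return k


def enc(k, x):
    return pow(x, k, P)  # ((x)K1)K2 == ((x)K2)K1 because x^(k1*k2) == x^(k2*k1)

def dec(k, c):
    return pow(c, pow(k, -1, P - 1), P)

def enc_set(k, s):
    return frozenset(enc(k, x) for x in s)

def dec_set(k, s):
    return frozenset(dec(k, x) for x in s)


def partition(lo, hi, w=W):
    """P1's ranges: the domain [0, 2^w - 1] cut at P1's boundaries ([0, 2], [3, 7] for [3, 7] on the slides)."""
    top = (1 << w) - 1
    parts = [(0, lo - 1)] if lo > 0 else []
    parts.append((lo, hi))
    if hi < top:
        parts.append((hi + 1, top))
    return parts


def private_intersection(p1_range, p2_range, w=W, k1=None, k2=None):
    """P1 holds [lo, hi] and K1, P2 holds [c, d] and K2; P1 obtains [lo, hi] ∩ [c, d] (None if empty)."""
    lo, hi = p1_range
    k1, k2 = k1 or keygen(), k2 or keygen()
    parts = partition(lo, hi, w)
    # P1 -> P2: N(S(part)) encrypted with K1; P2 re-encrypts with K2 and returns them (K12)
    parts_k12 = [enc_set(k2, enc_set(k1, numericalize_set(range_to_prefixes(a, b, w)))) for a, b in parts]
    # P2 -> P1: N(T(c)), N(T(d)) encrypted with K2; P1 re-encrypts with K1 (K21)
    bounds_k21 = [enc_set(k1, enc_set(k2, numericalize_set(prefix_family(x, w)))) for x in p2_range]
    # P1 compares the doubly-encrypted sets: an overlap tells it which of its parts holds each boundary
    mid = parts.index((lo, hi))
    where = [next(i for i, s in enumerate(parts_k12) if s & t) for t in bounds_k21]
    if where[0] > mid or where[1] < mid:
        return None  # [c, d] lies entirely below or above [lo, hi]
    result = [lo, hi]
    for j in (0, 1):
        if where[j] == mid:  # P2's boundary falls inside [lo, hi] and becomes a result boundary
            # decryption of the comparison result: P2 strips K2, then P1 strips K1 and decodes
            result[j] = decode(dec_set(k1, dec_set(k2, bounds_k21[j])))
    return tuple(result)
```

With the slides' inputs, `private_intersection((3, 7), (2, 5))` returns `(3, 5)`; chaining two pairwise calls also reproduces the three-party result [4, 7] ∩ [3, 7] ∩ [2, 5] = [4, 5], although the slides run one chained protocol under K123/K23/K32 rather than two pairwise rounds. Note that the cipher is deterministic by design: equal numericalized prefixes must collide under the same keys, or the set comparison cannot work.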

ACL preprocessing
- An ACL consists of multi-dimensional overlapping rules
- Convert it to non-overlapping rules with the accept decision
  - FDD construction
  - [Figure: FDD with root F1 and edges [0,4], [5,7], [8,15]; F2 nodes with edges [0,15] and [0,4], [5,15]; leaves labelled a (accept) and d (discard)]
  - Extract the non-overlapping rules with the accept decision
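The preprocessing step as an added example (not the authors' code): a constructed two-field, first-match ACL is converted, FDD-style, into non-overlapping rules that carry the accept decision, and the result is checked point by point against the original ACL. The sample rules and the [0, 15] field domain are assumptions that mirror the shape of the slide's figure.

```python
# Added worked example (not from the slides): FDD-style conversion of a
# first-match ACL into non-overlapping accept rules. Sample rules and the
# field domain are constructed for illustration.

TOP = 15  # both fields range over [0, TOP] (assumption)

# Constructed two-field ACL with first-match semantics: (F1 range, F2 range, decision)
SAMPLE_RULES = [
    ((5, 7), (0, 4), "discard"),
    ((0, 7), (0, 15), "accept"),
    ((0, 15), (0, 15), "discard"),
]


def elementary_intervals(ranges, top=TOP):
    """Cut [0, top] at every range boundary so each piece lies fully inside or outside every range."""
    cuts = {0, top + 1}
    for lo, hi in ranges:
        cuts.update((lo, hi + 1))
    pts = sorted(cuts)
    return [(a, b - 1) for a, b in zip(pts, pts[1:])]


def first_match(rules, f1, f2, default="discard"):
    """Decision of the first rule that matches the point (f1, f2); default if none does."""
    for (a1, b1), (a2, b2), dec in rules:
        if a1 <= f1 <= b1 and a2 <= f2 <= b2:
            return dec
    return default


def accept_rules(rules, top=TOP):
    """Non-overlapping accept rules built like an FDD: split F1, then split F2 under each F1 piece."""
    out = []
    for f1_piece in elementary_intervals([r[0] for r in rules], top):
        a1, b1 = f1_piece
        # rules whose F1 range covers the whole piece (no rule straddles an elementary piece)
        applicable = [r for r in rules if r[0][0] <= a1 and b1 <= r[0][1]]
        f2_pieces = elementary_intervals([r[1] for r in applicable], top)
        decided = [(p, first_match(applicable, a1, p[0])) for p in f2_pieces]
        merged = []  # merge adjacent F2 pieces that share a decision, as the FDD edge labels do
        for piece, dec in decided:
            if merged and merged[-1][1] == dec and merged[-1][0][1] + 1 == piece[0]:
                merged[-1] = ((merged[-1][0][0], piece[1]), dec)
            else:
                merged.append((piece, dec))
        out.extend((f1_piece, piece, "accept") for piece, dec in merged if dec == "accept")
    return out


def equivalent(rules, out, top=TOP):
    """Check: a point is accepted by the original ACL iff some extracted accept rule covers it."""
    for f1 in range(top + 1):
        for f2 in range(top + 1):
            covered = any(a1 <= f1 <= b1 and a2 <= f2 <= b2 for (a1, b1), (a2, b2), _ in out)
            if covered != (first_match(rules, f1, f2) == "accept"):
                return False
    return True
```

For the sample ACL the F1 axis splits into [0,4], [5,7] and [8,15]; under [5,7] the F2 axis splits into [0,4] (discard, from the first rule) and [5,15] (accept), so the extracted accept rules are ([0,4], [0,15]) and ([5,7], [5,15]). Because the pieces are disjoint by construction, M(A) is exactly the union of the extracted rules, which is what the comparison protocol needs.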

Experiment Setup
- We conducted experiments on both real and synthetic ACLs
  - Each ACL examines five fields: source and destination IPs, source and destination ports, protocol type
  - The number of rules ranges from dozens to thousands
- For effectiveness, we verified the correctness
- For efficiency, we evaluated the computation and communication costs of the core operations
  - Processing each ACL
  - Comparing every two ACLs

Experimental Results (1/3): Processing real ACLs
- For real ACLs with an average of 806 rules
  - Both offline and online computation costs are less than 2 seconds
  - Communication cost is less than 60 KB
  - Comparison cost is less than 1 second
- Our approach is efficient for the conversion and comparison of two real ACLs

Experimental Results (2/3): Processing synthetic ACLs
- For synthetic ACLs with the number of rules from 200 to 2000
  - One-time offline computation cost is less than 400 seconds
  - Online computation cost is less than 5 seconds
  - Communication cost is less than 450 KB

Experimental Results (3/3): Comparing synthetic ACLs
- For synthetic ACLs with the number of rules from 200 to 2000
  - The comparison time of two synthetic firewalls is less than 4 seconds

Conclusion
- Investigate privacy-preserving quantification of network reachability for the first time
- Propose an efficient and secure protocol to quantify network reachability accurately
- Conduct experiments on both real and synthetic ACLs to demonstrate the effectiveness and efficiency of our protocol

Future Work
- Dynamic routing information
  - Dynamic routing table
  - Topological variations
    - Links go down
    - New links get added
- Malicious model
  - Some party cheats on its ACL

Questions? Thank you!