Privacy-Preserving Cross-Domain Network Reachability Quantification Fei Chen Computer Science and Engineering Michigan State University Joint work with Bezawada Bruhadeshwar and Alex X. Liu
Background Network reachability can be defined as What packets can pass through a given network path Network reachability quantification is very important for Understanding end-to-end network behavior Detecting the violation of security policies Business Network 1 Home Network 2 Internet
Motivation (1/2) Many solutions have been proposed to quantify the network reachability The main assumption of these solutions All the reachability information from these network devices is known Collecting such information could be very difficult Due to the privacy and security concerns Subnet1 ISP Subnet2 Firewall Router Switches User1 S1 FW1 R1 FW2 FW3 FW4 S2 User2
Motivation (2/2) Subnet1 ISP Subnet2 Firewall Router Switches User1 S1 FW1 R1 FW2 FW3 FW4 S2 User2 Can we achieve the two following goals at the same time? Quantify the network reachability for a given path, and Preserve privacy of reachability information belong to different parties
Problem Statement Assumption For each party, the reachability information is converted to an ACL Static reachability information Employ the network reachability approach [Khakpour et al., 2010] Let M(A) denote the set of packets that are accepted by ACL A We aim to design a privacy preserving protocol which Enables User1 to compute M(A1) ∩ M(A2) ∩ M(A3) No party can reveal the ACLs of other parties
Threat Model We consider semi-honest model Each party must follow our protocol correctly Input its ACL to our protocol without cheating Follow the process of our protocol Each party may try to learn the ACL rules of other parties Analyze the intermediate messages when running the protocol
Related work Probing Network reachability quantificaiton Current practice of verifying reachability Expensive to quantify network reachability Because it needs to generate and send significant amount of packets. Inaccurate E.g., it cannot probe the open ports with no server listening on them. Network reachability quantificaiton Estimate bounds of network reachability [Xie et al. 2005, Ingols et al. 2006, Matousek et al. 2008] Quantify the network reachability [Al-Shaer et al. 2009, Sung et al. 2009, Khakpour et al. 2010] Major assumption is not practical All reachability information is known No prior work studies privacy preserving reachability quantification
Basic building blocks (1/2) Prefix membership verification P1 P2 [3, 7] 5 Prefix format Prefix family S([3,7])={011, 1**} T(5)={101, 10*,1**,***} Prefix numericalization Prefix numericalization N(S([3,7]))={0111, 1100} N(T(5))={1011,1010, 1100,1000} If N(S([3,7]))∩N(T(5)) ≠ , then 5[3, 7]
Basic building blocks (2/2) Range intersection Suppose the domain of this field is [0, 7] P1 P2 [3, 7] [2, 5] Generate ranges Retrieve boundaries [0, 2] , [3, 7] 2, 5 Prefix format and numericalize Prefix family and numericalize N(S([0,2])) , N(S([3,7])) N(T(2)), N(T(5)) Because (1) N(S([0,2]))∩N(T(2)) ≠ , then 2[0, 2] (2) N(S([3,7]))∩N(T(5)) ≠ , then 5[3, 7] From 2[0, 2] and 5[3, 7], we have [3, 7] ∩ [2, 5] = [3, 5]
Privacy preserving range intersection Employ commutative encryption For a number x, ((x)K1)K2 = ((x)K2)K1 For ease of presentation, let (x) K12 denote ((x)K1)K2 P1 (K1) P2 (K2) [3, 7] [2, 5] N(S([0,2])) , N(S([3,7])) N(T(2)), N(T(5)) (1) Encrypt by P1 (2) Encrypt by P2 (1) Encrypt by P2 (2) Encrypt by P1 N(S([0,2]))K12 , N(S([3,7])) K12 N(T(2)) K21 , N(T(5)) K21 If P1 does the comparison, it can conclude that [3,7] ∩ [2, 5] = [3, the original number of N(T(5)) K21]
Range intersection of multiple parties P1 (K1) P2 (K2) P3 (K3) [4, 7] [3, 7] [2, 5] N(S([0,3])) N(S([4,7])) N(S([0,2])) N(S([3,7])) N(T(2)) N(T(5)) (1) Encrypt by P1 (2) Encrypt by P2 (3) Encrypt by P3 (1) Encrypt by P2 (2) Encrypt by P3 (1) Encrypt by P3 (2) Encrypt by P2 N(S([0,3]))K123 N(S([4,7])) K123 N(S([0,2]))K23 N(S([3,7])) K23 N(T(2)) K32 N(T(5)) K32 Comparison 3, N(T(5)) K32 Prepare for further comparison N(T(3)) K231 N(T(5)) K321 Comparison 4, N(T(5)) K321
Decryption of the comparison result N(T(5)) K321 Decrypt by P3 N(T(5)) K21 Decrypt by P2 N(T(5)) K1 Decrypt by P1 N(T(5)) Decode 4 5 [4, 5] = [4, 7] ∩ [3, 7] ∩ [2, 5]
ACL preprocessing ACL consists of multi-dimensional overlapping rules Convert it to non-overlapping rules with accept decision FDD construction [0, 4] [8, 15] F1 [0,15] F2 [0,4] [5,15] [5, 7] a d Extract non-overlapping rules with the accept decision
Experiment Setup We conducted experiments on both real and synthetic ACLs Each ACL examine five fields, Source and destination IPs, source and destination ports, protocol type The number of rules ranges from dozens to thousands For effectiveness, we verified the correctness For efficiency, we evaluate the computation and communication costs of the core operations Processing each ACL Comparing every two ACLs
Experimental Results (1/3) For real ACLs with the average number of rules 806 Both offline and online Computation costs are less than 2 seconds Communication cost is less than 60 KB Comparison cost is less than 1 second Our approach is efficient for the conversion and comparison of two real ACLs Processing real ACLs
Experimental Results (2/3) For synthetic ACLs with number of rules from 200 to 2000 One-time offline computation cost is less than 400 seconds The online computation cost is less than 5 seconds Communication cost is less than 450 KB Processing synthetic ACLs
Experimental Results (3/3) For synthetic ACLs with number of rules from 200 to 2000 The comparison time of two synthetic firewalls is less than 4 seconds Comparing synthetic ACLs
Conclusion Investigate privacy preserving quantification of network reachability for the first time Propose an efficient and secure protocol to quantify the network reachability accurately Conduct experiments on both real and synthetic ACLs to demonstrate the effectiveness and efficiently of our protocol
Future work Dynamic routing information Topological variations Dynamic routing table Topological variations Links go down New links get added Malicious model Some party cheats its ACL
Questions Thank you!