Zakir Durumeric, James Kasten,David Adrian, J. Alex Halderman, Michael Bailey, Frank Li, Nicholas Weaver, Johanna Amann, Jethro Beekman, Mathias Payer,

Slides:

Advertisements

Similar presentations

Internet Protocol Security (IP Sec)

Advertisements

RIPE 68 - Measurement, Analysis and Tools Working Group15 May 2014 Internet-Wide Scanning and its Measurement Applications Zakir Durumeric University of.

Code-Red : a case study on the spread and victims of an Internet worm David Moore, Colleen Shannon, Jeffery Brown Jonghyun Kim.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

Windows 7 Project and Heartbleed Update Sian Shumway Director, IT Customer Service.

Attacking Session Management Juliette Lessing

DICOM INTERNATIONAL DICOM INTERNATIONAL CONFERENCE & SEMINAR April 8-10, 2008 Chengdu, China DICOM Security Eric Pan Agfa HealthCare.

 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.

Electronic Transaction Security (E-Commerce)

Adaptive Security for Wireless Sensor Networks Master Thesis – June 2006.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

Computer Security and Penetration Testing

Internet Basics.

SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004

DDoS Attack and Its Defense1 CSE 5473: Network Security Prof. Dong Xuan.

1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

RFC6520 defines SSL Heartbeats - What are they? 1. SSL Heartbeats are used to keep a connection alive without the need to constantly renegotiate the SSL.

Lucent Technologies – Proprietary Use pursuant to company instruction Learning Sequential Models for Detecting Anomalous Protocol Usage (work in progress)

11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 

8: Network Security8-1 Security in the layers. 8: Network Security8-2 Secure sockets layer (SSL) r Transport layer security to any TCP- based app using.

Staying Safe Online Keep your Information Secure.

Fast Portscan Detection Using Sequential Hypothesis Testing Authors: Jaeyeon Jung, Vern Paxson, Arthur W. Berger, and Hari Balakrishnan Publication: IEEE.

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

Vantage Report 3.0 Product Sales Guide

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

What is Heartbleed? Heartbleed is a vulnerability in OpenSSL software. OpenSSL is encryption software that accesses websites through a “secure” connection,

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.

Encryption and Security Dylan Anderson Michael Huffman Julie Rothacher Dylan Anderson Michael Huffman Julie Rothacher.

Modeling Worms: Two papers at Infocom 2003 Worms Programs that self propagate across the internet by exploiting the security flaws in widely used services.

Linux Networking and Security

Lecture 11 Page 1 Advanced Network Security Cryptography and Networks: IPSec and SSL/TLS Advanced Network Security Peter Reiher August, 2014.

Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:

1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.

Mapping Internet Sensors with Probe Response Attacks Authors: John Bethencourt, Jason Franklin, Mary Vernon Published At: Usenix Security Symposium, 2005.

1 Implementing Monitoring and Reporting. 2 Why Should Implement Monitoring? One of the biggest complaints we hear about firewall products from almost.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Security. Security Flaws Errors that can be exploited by attackers Constantly exploited.

Presented by Teererai Marange. Background Open SSL Hearbeat extension Heartbleed vulnerability Description of work Methodology Summary of results Vulnerable.

Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.

An Internet-Wide View of Internet-Wide Scanning.  Scanning  IPv4  Horizontal scanning – individual ports  Network telescope - darknet What is internet.

Lesson 19-E-Commerce Security Needs. Overview Understand e-commerce services. Understand the importance of availability. Implement client-side security.

Security and Firewalls Ref: Keeping Your Site Comfortably Secure: An Introduction to Firewalls John P. Wack and Lisa J. Carnahan NIST Special Publication.

CON7403 – ‘Heartbleed’ (CVE ) Case Study II Vulnerability Handling Perspective Bruce Lowenthal – Senior Director, Security Alerts Eric Maurice.

Security fundamentals Topic 9 Securing internet messaging.

Organisations and Data Management 1 Data Collection: Why organisations & individuals acquire data & supply data via websites 2Techniques used by organisations.

Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.

SEMINAR ON IP SPOOFING. IP spoofing is the creation of IP packets using forged (spoofed) source IP address. In the April 1989, AT & T Bell a lab was among.

Web Application (In)security Note: Unless noted differently, all scanned figures were from the textbook, Stuttard & Pinto, 2011.

1 Border Gateway Protocol (BGP) and BGP Security Jeff Gribschaw Sai Thwin ECE 4112 Final Project April 28, 2005.

1 Modeling and Measuring Botnets David Dagon, Wenke Lee Georgia Institute of Technology Cliff C. Zou Univ. of Central Florida Funded by NSF CyberTrust.

SSH/SSL Attacks not on tests, just for fun. SSH/SSL Should Be Secure Cryptographic operations are secure SSL uses certificates to authenticate servers.

Introduction Web analysis includes the study of users’ behavior on the web Traffic analysis – Usage analysis Behavior at particular website or across.

Securing Access to Data Using IPsec Josh Jones Cosc352.

IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.

VIRTUAL SERVERS Chapter 7. 2 OVERVIEW Exchange Server 2003 virtual servers Virtual servers in a clustering environment Creating additional virtual servers.

CS457 Introduction to Information Security Systems

Security of Digital Signatures

HEARTBLEED: Technical Description and Fixes

Intro to Ethical Hacking

Unit 8 Network Security.

Slides Credit: Sogand Sadrhaghighi

CSCI-351 Data communication and Networks

The Heartbleed Bug and Attack

Presented by Shashank Shekhar Sahoo

Presentation transcript:

Zakir Durumeric, James Kasten,David Adrian, J. Alex Halderman, Michael Bailey, Frank Li, Nicholas Weaver, Johanna Amann, Jethro Beekman, Mathias Payer, Vern Paxson THE MATTER OF HEARTBLEED Presented By: Sneha Dudaki

WHAT IS HEARTBLEED?  A bug in the OpenSSL open-source cryptographic library.  OpenSSL implements SSL and TLS protocols.  Provides a secure communication channel for most services such as web, , VPN, and messaging services.

WHAT IS HEARTBLEED?  The Heartbleed bug was critical due to three main reasons: 1.Retrieved private cryptographic keys and private user data 2.Easy to exploit 3.More affected services due to HTTPS and TLS protocols being used.  More specifically, it was a bug in the implementation of the TLS Heartbeat extension.  TLS Heartbeat extension uses a well-defined Heartbleed protocol.

THE HEARTBLEED PROTOCOL  Checks if the host communicating to is online – “heartbeat”.  Verifies communication connectivity through a Heartbeat request.  The request contains a payload length field and a payload that you want the server to echo back.  Vulnerability: payload length extension attack!  Allows attackers to access data stored in the protected memory of the server.

WHY IS HEARTBLEED CATASTROPHIC?  Heartbleed allows attackers to read sensitive information from servers.  Almost all popular web, mail, messaging, and database servers use OpenSSL to facilitate TLS connections.  Invalidates users privacy and confidentiality due to a “leaky” secure communication channel.

MOTIVATION  Explore the impact of a “serious” bug on the technical community.  Gain a better understanding of the coping and response mechanisms adapted.  Effective global security policy.

MAIN AREAS EXPLORED 1.Tracking the vulnerable population 2.Monitoring patching behaviour overtime 3.Accessing the impact on the HTTPS certificate ecosystem 4.Exposing attempts to exploit the bug

TRACKING THE VULNERABLE POPULATION  Vulnerability scans against:  The Alexa Top 1 Million domains  1% non-reserved IPv4 address space  Results: Time of disclosureAlexa Top SitesThe Internet (IPv4) Pre-48 hoursAt least 44 of Alexa top 100 Between 24 – 55% of Alexa 1 million N/A Post-48 hours11.5% of Alexa top 1 million5.9% of all HTTPS hosts

MONITORING PATCHING BEHAVIOUR OVERTIME  Detects when services disable the heartbeat extension.  Pre-disclosure patching: Google, Akamai, and some other sites.  Popular websites  5 of Alexa top 100 remained vulnerable after 22 hours.  93 sites replaced their certificates.  Internet wide HTTPS  Slower patching behaviour (Note: 1% scan per day!).  A drastic drop in vulnerable host % due to quick patch of ASes.

APRIL AND MAY PATCH RATES

IMPACT ON THE HTTPS CERTIFICATE ECOSYSTEM  Security community “recommended” to generate new cryptographic keys and to revoke compromised certificates.  Certificate replacement  Alexa sites - 73% patched but only 10.1% replaced.  19% of the sites that replaced certificates also revoked the original certificate.  14% re-used the same private key!  Certificate revocation  The number revoked in the following three months after the disclosure was greater than the previous 3 years.

EXPOSING ATTEMPTS TO EXPLOIT THE BUG  Checking network traffic for potential attackers.  Pre-disclosure activity  No evidence of any exploit attempt  Post-disclosure activity  Examined packet traces from three honeypots.  Observed 5,948 attempts to exploit the vulnerability from 692 hosts.  Several types of exploits (will see in the next slide).  Hosts targeted ports that supported HTTPS.

TYPES OF EXPLOITS

NOTIFICATION SYSTEM  Authors notified the system operators of vulnerable systems that were not patched.  Notification s were sent out.  The vulnerable systems were tracked.  Result:  A significant positive improvement in vulnerable systems being patched after the notification.

SUMMARY  Vulnerability was widespread (websites to embedded devices).  Sites patched heavily in the first two weeks, and then ceased.  Very few sites replaced or revoked their certificates.  No attacks pre-disclosure but a significant increase post-disclosure.  Lastly, the notification system proved to be impactful.

CRITICISM  Zmap - the Heartbleed scanner.  Data aggregation 2 days after public disclosure.  Daily 1% scans of the IPv4 address space.

ZMAP - THE HEARTBLEED SCANNER  The Heartbleed scanner contained a bug that caused vulnerable sites to appear safe (i.e. false negatives).  A timeout period that set the vulnerability status to false by default.  Found that false negatives were address-independent (i.e. no correlation between IP addresses and false negative detection).

ZMAP - THE HEARTBLEED SCANNER Using data gathered from two scans in the months of April and May they conclude that: “ultimately we conclude that the scanner exhibited a false negative rate between 6.5% and 10.5%, but that these manifest independently of the particular server scanned. Due to this address-independent behaviour, we can assume a similar false negative rate for sampled scans”. Possible solution – set status to unknown or null as default.

DATA AGGREGATION TWO DAYS AFTER PUBLIC DISCLOSURE  Impact on popular websites was found after 48 hours by the researchers.  Aggregated press releases, targeted scans, and quotes from news sites were used for collecting data in the first 48 hours.  Report lower bound statistics, with information for some sites missing.  To what extent is this information truly representative of the actual statistics?  Not plausible to make such claims or assumptions due to missing information.

DAILY 1% SCANS OF THE IPV4 ADDRESS SPACE  The authors estimate that 2 million HTTPS hosts were vulnerable two days after the disclosure.  This could possibly be an underestimate due to the 1% sample size.  Since the IPv4 address space covers most of the Internet, the 1% data extracted on a particular day will not be representative of another 1% sample.  Though scanning large samples (> 1%) may consume more time, it ensures a more reliable estimate.

QUESTIONS?