Randomized Failover Intrusion-Tolerant Systems (RFITS). Ranga Ramanujan, Maher Kaddoura, Carla Marceau, Clint Sanders, Doug Harper, David Baca. Architecture Technology Corporation.

Presentation transcript:

Randomized Failover Intrusion-Tolerant Systems (RFITS)
Ranga Ramanujan, Maher Kaddoura, Carla Marceau, Clint Sanders, Doug Harper, David Baca
Architecture Technology Corporation (ATC); ATC-NY (formerly Odyssey Research Associates)
DARPA OASIS PI Meeting, August 20, 2002

Project Introduction
- Objective
  - Demonstrate the viability of the randomized failover concept for building survivable network applications
- What is randomized failover?
  - An approach to system survivability based on the notion that attackers can be thwarted by making the failover process, invoked by the system upon detection of an attack, appear unpredictable or "random"
    - A large failover space makes it difficult for the attacker to acquire the knowledge of system state needed to adapt the attack
- Focus on network-borne denial-of-service attacks
  - Flooding (packet, service request)
  - Host takedown

Project Introduction (Cont'd)
- Accomplishments to date
  - Developed a handbook of survivability design patterns
    - Survivable information transport services
    - Survivable server groups
  - Applied selected design patterns to develop VPNshield
  - Completed prototype implementation of VPNshield
    - Demo at DARPAtech 2002
    - Network 2002 paper
  - Completed initial prototype of FlowShield
  - Developed design of DoS-resistant JMS
  - Participated in peer review validation of VPNshield

FlowShield Design Goals
- Protect mission-critical information flows from flooding DoS attacks
  - Protection on a per-packet-flow basis
  - Guaranteed share of access link bandwidth for protected packet flows
  - Application transparent
  - No changes to existing core network infrastructure
- Supplement infrastructure-based DDoS defenses

FlowShield Approach Overview
- Packet flows are uniquely identified by their flow labels (source IP address, destination IP address)
- For each protected flow, the FlowShield endpoint reserves a fraction of the access link bandwidth
- Upon detection of a flooding attack, FlowShield endpoints "transmute" the label of the protected flow
- The access link reservation for the old flow label is canceled, and a reservation is installed for the new label

FlowShield: Appliance-Based Implementation
- A FlowShield appliance at the boundary of the edge network embeds mechanisms for
  - detection of flooding attacks
  - flow label transformation and link re-provisioning

FlowShield: Appliance-Based Implementation (Cont'd)
- FlowShield POP appliance(s) associated with each edge appliance
  - serve as tunnel concatenation devices
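The reservation, detection and label-transmutation steps from the FlowShield slides above, as an added simulation that is not part of the original presentation or the FlowShield prototype. It assumes (not stated on the slides) that a flow label is a (source IP, destination IP) pair, that the appliance owns a pool of addresses from which a new label is drawn at random, and that a simple packet-count threshold stands in for the flood detector.

```python
import random

# Constructed simulation of FlowShield's per-flow reservation and label
# "transmutation". Assumptions not on the slides: a label is a (src IP, dst IP)
# pair, new labels come from a pool of addresses the appliance controls.

class FlowShieldEndpoint:
    def __init__(self, link_bps, label_pool, rng=None):
        self.link_bps = link_bps
        self.pool = list(label_pool)
        self.rng = rng or random.Random()
        self.reservations = {}   # flow label -> reserved bits/s on the access link
        self.protected = {}      # flow id -> label currently in use

    def protect(self, flow_id, label, fraction):
        """Reserve a fraction of the access link for one protected flow."""
        want = int(self.link_bps * fraction)
        if sum(self.reservations.values()) + want > self.link_bps:
            raise ValueError("access link would be over-reserved")
        self.reservations[label] = want
        self.protected[flow_id] = label
        return label

    def transmute(self, flow_id):
        """Attack detected: cancel the old reservation, install one for a fresh label."""
        old = self.protected[flow_id]
        bandwidth = self.reservations.pop(old)
        unused = [l for l in self.pool if l != old and l not in self.reservations]
        new = self.rng.choice(unused)
        self.reservations[new] = bandwidth
        self.protected[flow_id] = new
        return new

    def classify(self, packet_label):
        """Reserved share a packet's label is entitled to; 0 means best effort only."""
        return self.reservations.get(packet_label, 0)

def detect_flood(packet_counts, label, threshold):
    """Stand-in detector: the label is under flood if its count exceeds the threshold."""
    return packet_counts.get(label, 0) > threshold

def run_scenario():
    """Flood traffic aimed at the protected label loses its reservation after transmutation."""
    pool = [("10.0.0.1", "10.0.1.1"), ("10.0.0.2", "10.0.1.2"), ("10.0.0.3", "10.0.1.3")]
    ep = FlowShieldEndpoint(link_bps=10_000_000, label_pool=pool, rng=random.Random(7))
    old = ep.protect("mission", pool[0], fraction=0.25)
    counts = {old: 5000, ("198.51.100.9", "10.0.1.1"): 40}   # constructed: old label flooded
    new = ep.transmute("mission") if detect_flood(counts, old, 1000) else old
    return ep.classify(old), ep.classify(new), new != old and new in pool
```

After transmutation, packets still carrying the old label fall into the best-effort class, while the protected flow keeps its 25% share under the new label.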

Assumptions About Threat Environment
- Flooding attacks are launched from the edge of the shared, public network; the attacker does not have access to the core of the shared network
- Shared secrets between FlowShield appliances are adequately protected against compromise
- The volume of attack traffic may be sufficient to inundate the access link but not sufficient to disrupt operation of the service provider network

Applying RFITS Techniques to Protect JMS from Flooding Attacks
- The Java Message Service (JMS) specification defines a messaging interface for Java applications.
  - It supports both queuing and publish/subscribe.
- Message-based applications are vulnerable to denial-of-service attacks at the messaging level.
  - An attacker can flood the message service with spurious messages.
  - This prevents the application from acting on real messages.
- Such attacks may not be visible at the network level
  - "Life-cycle" attacks
  - Rogue JMS client planted by an insider
    - Access control may not prevent such attacks
  - Programming errors

Example JMS Implementation

JMS Denial of Service Attack (diagram: message flood)

JMS Channel Partitioning

- To survive a DoS attack by a client: when a client requests the topic "T" through the JNDI interface, assign an alias topic T_k instead of T itself.
  - Maintain the T_k -> T partition mapping at the service center.
  - If the client launches a DoS attack on topic T_k, invalidate topic T_k and refuse new topic requests from the client host associated with topic T_k.
- Other message service clients continue to function
  - Clients communicating through other aliases for T
  - New clients requesting the topic for "T" from other hosts
- Why does this work?
  - Each client is segregated into a distinguishable topic, which can be invalidated selectively.
- This defense is also effective for message queues.

Distributed JMS with Local Topic Aliases (diagram: Y manages topic T; message to T2; message to T; delivered from T4)
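The per-client topic aliasing described on the JMS Channel Partitioning slide, as an added model that is not part of the original presentation or the DoS-resistant JMS design. It assumes (not stated on the slides) that aliases are named T_1, T_2, ... and that a fixed per-alias message budget per window stands in for the DoS detector; the same aliasing applies unchanged to queue names.

```python
import itertools
from collections import defaultdict

# Constructed model of the per-client topic aliasing defence from the slides.
# Assumptions (not stated on the slides): a fixed per-alias message budget per
# window stands in for the DoS detector, and aliases are named T_1, T_2, ...

class AliasingTopicService:
    def __init__(self, flood_threshold):
        self.threshold = flood_threshold
        self.alias_to_topic = {}    # "T_k" -> (real topic "T", requesting host)
        self.invalid = set()        # aliases invalidated after a flood
        self.blocked_hosts = set()  # hosts refused further topic requests
        self.counts = defaultdict(int)
        self._seq = itertools.count(1)

    def lookup(self, client_host, topic):
        """JNDI-style lookup: every requesting host gets its own alias for topic."""
        if client_host in self.blocked_hosts:
            return None
        alias = f"{topic}_{next(self._seq)}"
        self.alias_to_topic[alias] = (topic, client_host)
        return alias

    def publish(self, alias, message):
        """Resolve alias -> real topic; invalidate the alias (and block its host)
        once it exceeds the message budget. Returns (topic, message) or None."""
        if alias in self.invalid or alias not in self.alias_to_topic:
            return None
        topic, host = self.alias_to_topic[alias]
        self.counts[alias] += 1
        if self.counts[alias] > self.threshold:
            self.invalid.add(alias)
            self.blocked_hosts.add(host)
            return None
        return (topic, message)

    def reset_window(self):
        """Start a new rate window (a real service would run this on a timer)."""
        self.counts.clear()

def run_scenario():
    """Rogue client on hostB floods its alias; hostA's alias for T keeps working."""
    svc = AliasingTopicService(flood_threshold=100)
    a_alias = svc.lookup("hostA", "T")   # legitimate client -> "T_1"
    b_alias = svc.lookup("hostB", "T")   # rogue client      -> "T_2"
    delivered = sum(1 for _ in range(500) if svc.publish(b_alias, "spam"))
    return (delivered,                                      # 100: budget, then cut off
            svc.publish(a_alias, "real") == ("T", "real"),  # hostA unaffected
            svc.publish(b_alias, "more") is None,           # T_2 stays invalidated
            svc.lookup("hostB", "T") is None,               # hostB refused new aliases
            svc.lookup("hostC", "T"))                       # other hosts still served
```

Only the flooding client's partition T_2 is invalidated; the real topic T and every other alias for it stay in service.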

Conclusion and Future Plans
- Demonstrated application of RFITS survivability design patterns to protect information flows at different levels of granularity
  - aggregated flows (VPNshield)
  - individual flows (FlowShield)
  - pub/sub messaging (DoS-resistant JMS)
- Planned work
  - Prototype implementation of FlowShield appliances
  - FlowShield customization for CECOM SMS
  - Refine and extend the design of DoS-resistant JMS