Protecting Network Quality of Service Against Denial of Service Attacks
Douglas S. Reeves, S. Felix Wu, Dan Stephenson
NC State / UC Davis / MCNC
DARPA FTN PI Meeting, January 17, 2001

Slide 2: Timetable and Participants
- Start date = August 1999
- Duration = 36 months
- Point of contact = Dr. Kevin Kwiat, AFRL, (315)
- No clearances
- Douglas Reeves, N.C. State University, (919)
- S. Felix Wu, U.C. Davis, (530)
- Dan Stephenson, MCNC

Slide 3: QoS - A New Vulnerability
- Guaranteeing QoS for a "flow" requires providing adequate resources
  - If you can't get or keep resources, your QoS is denied
- Normal users will try to get maximum QoS without regard to others
- Malicious users will try to deny quality of service to others

Slide 4: The ARQOS Project: Overview / Basic Strategies
1. Enforceable resource allocation policies, using pricing
2. Authorization and authentication to protect QoS signaling
3. Detect QoS attacks (monitor and analyze)
4. Other 8-)

Slide 5: 1. Pricing: Pay as You Go
- Resources are priced; users have to "pay" to get what they want
- Policies
  - "fair" allocations, prioritize users, network optimization, ...
- Steps
  - Measure demand
  - Compute prices
  - Distribute prices
  - Adjust demand
- "Appropriate" timescale / resource granularity for pricing?

Slide 6: (1a. Pricing) Fixed or Variable Prices?
- Some users want lowest price (greatest resource amount)
- Some users want predictability (fixed resource amount)
- Goal: support both types of users

Slide 7: "Spot" (Variable) Market Timing
- User demands and resource prices change dynamically, asynchronously
[Figure: timeline showing changes in demand and the resulting price adjustments]

Slide 8: Spot Market Example
- 160 users, MPEG video traffic, standard benchmark network

Slide 9: Spot Market Properties
- Fully distributed
- Asynchronous, dynamic
- Low overhead
- Provably fair
- Provably optimal
- But... unpredictable prices

Slide 10: Predictability: The Reservation Market
[Figure: timeline showing changes in demand, price adjustments, and the fixed pricing periods]

Slide 11: Combining the Two Markets
- Split each resource into "available" and "reservable" portions
- Users specify their preferences for price vs. predictability
- Compute prices separately for available and reservable parts
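The four pricing steps of Slide 5 (measure demand, compute prices, distribute prices, adjust demand) and the split market of Slide 11, as an added Python illustration that is not the ARQOS code. Everything in it is an assumption of this example rather than a detail from the slides: each user is modelled with a budget-weighted log utility (so its demand at price p is w/p), the spot price is adjusted multiplicatively by the relative excess demand, and the reservation price for the next period is predicted from the previous period's demand, which is the demonstration approach the Results slide mentions.

```python
# Added illustration of the spot and reservation markets; not the ARQOS code.
# Assumption: user i values an allocation x as w_i * log(x) and pays price * x,
# so its demand at price p is w_i / p (w_i acts as the user's budget).

def user_demand(weight, price):
    """Demand of a user maximising weight*log(x) - price*x: x = weight / price."""
    return weight / price


def spot_market(weights, capacity, step=0.05, rounds=200, price=1.0):
    """Iterate the four spot-market steps: measure demand, compute prices,
    distribute prices, adjust demand.  Returns (price, allocations).

    With the update below the relative price error shrinks by (1 - step) every
    round, so the loop converges to the clearing price sum(weights) / capacity.
    """
    for _ in range(rounds):
        total = sum(user_demand(w, price) for w in weights)   # 1. measure demand
        # 2. compute price: raise it when the link is over-subscribed, lower it otherwise
        price *= 1 + step * (total - capacity) / capacity
        # 3. the new price is distributed to every user, who 4. re-plans demand next round
    return price, [user_demand(w, price) for w in weights]


def reservation_price(past_weights, reservable_capacity):
    """Fixed price for the reservable portion over the next pricing period.
    Assumed predictor: the price that would have cleared the reservable
    capacity given last period's demand (future demand predicted from past demand)."""
    return sum(past_weights) / reservable_capacity


def combined_market(spot_weights, reserve_weights, capacity, reservable_fraction):
    """Split one resource into 'available' and 'reservable' parts and price each
    separately: a dynamic spot price for the former, a per-period fixed price for
    the latter.  Each user joins the part matching its price/predictability preference."""
    spot_capacity = capacity * (1 - reservable_fraction)
    reservable_capacity = capacity * reservable_fraction
    spot_price, spot_alloc = spot_market(spot_weights, spot_capacity)
    fixed_price = reservation_price(reserve_weights, reservable_capacity)
    reserved_alloc = [user_demand(w, fixed_price) for w in reserve_weights]
    return {"spot_price": spot_price, "spot_alloc": spot_alloc,
            "reserved_price": fixed_price, "reserved_alloc": reserved_alloc}


if __name__ == "__main__":
    # constructed inputs: three spot users (budgets 1, 2, 3) and two reserving users
    # (budgets 4, 1) share a link of capacity 10 that is split half and half
    print(combined_market([1.0, 2.0, 3.0], [4.0, 1.0], 10.0, 0.5))
```

The enforcement point the slides are after is visible in the allocation: a user's share of the available part is w_i / sum(w), so the only way to take more of the link is to commit more budget, and a user who drives prices up pays that price itself. The reservable part keeps its price fixed for the whole period, which is the predictability the other class of users is paying for.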

Slide 12: User Preferences

Slide 13: Reservation Market Example

Slide 14: Results
- Ability to trade off risk (unpredictability) for reward (low prices) very flexibly
  - No other system combines reservations and dynamic pricing
- Independent of the mechanism for computing reserved prices
  - We predicted future demand from past demand for demonstration purposes

Slide 15: (1b. Pricing) Implementation
- Conventional resource reservation (no pricing)

Slide 16: Implementation with pricing (now)

Slide 17: Implementation with pricing and authorization (next)

Slide 18: 2. Authorizing Resource Allocation
- Setting up connections
  - Control plane: authenticate, authorize, and manage requests for services
  - Bearer plane: admission control and resource reservation
  - These have to be coordinated!
- Who does what?
  - Hosts request the services
  - Session management servers implement the control plane
  - Policy servers and routers implement the bearer plane

Slide 19: Network Relationships

Slide 20: The Evolving Network Model
- Bearer path (even the first hop) highly changeable
  - E.g., mobility
- No one institution owns the whole network any more
  - Multiple carriers
  - Multiple service providers
- Businesses will partner, but don't want to share secrets or relinquish control
  - E.g., reluctant to divulge network topology information

Slide 21: Our Solution
1. Session Manager authorizes resource allocation and issues a "ticket" to the Host
2. Ticket is propagated to Policy Servers
3. Policy Server uses ticket to verify request is authorized

Slide 22: Solution Example

Slide 23: Contents of the Ticket (Example)
- Originating party IP address / port #
- Terminating party IP address / port #
- Session identifier
- Media stream characteristics being authorized
- Authorization lifetime (no stockpiling of tickets!)
- Identity of Session Manager (issuing this ticket)
- Signature of Session Manager
  - Prevents tampering with ticket contents

Slide 24: Authentication of Ticket
- Must not be possible to forge, modify, or reuse a ticket
- Assume Key Exchange Server (KES) exists and is trusted
- Signature based on Session Manager's key
- Policy Server requests key of Session Manager from Key Exchange Server for decryption
  - key can be cached to reduce overhead
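The ticket of Slide 23 and the checks of Slide 24 (forgery, modification, reuse, lifetime, and a cached key fetched from the KES), as an added Python example; it is not the Nortel / N.C. State prototype and is not taken from the slides. Assumptions of this example: the Session Manager's signature is stood in for by an HMAC-SHA256 tag under a key the KES hands to the Policy Server (a real deployment would use a public-key signature so the KES distributes only public keys), the ticket is encoded as canonical JSON, the "media stream characteristics" are reduced to a maximum bit rate, and reuse is prevented by remembering redeemed session identifiers for the ticket lifetime. Host names, addresses and keys are constructed.

```python
# Added example of ticket issue and verification; not the project's own code.
# Assumption: an HMAC-SHA256 tag over canonical JSON stands in for the Session
# Manager's signature, and the KES hands that key to Policy Servers.
import hashlib
import hmac
import json


def _canonical(fields):
    """Deterministic byte encoding so issuer and verifier MAC identical bytes."""
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


class KeyExchangeServer:
    """Trusted KES (assumed by the slides): hands out Session Manager keys by identity."""
    def __init__(self):
        self._keys = {}

    def register(self, manager_id, key):
        self._keys[manager_id] = key

    def key_for(self, manager_id):
        return self._keys[manager_id]          # KeyError for an unknown manager


class SessionManager:
    """Control plane: authorizes the session and issues the ticket to the host."""
    def __init__(self, manager_id, key, kes):
        self.manager_id, self.key = manager_id, key
        kes.register(manager_id, key)

    def issue_ticket(self, orig, term, session_id, max_kbps, lifetime_s, now):
        fields = {"orig": orig,                   # originating party ip:port
                  "term": term,                   # terminating party ip:port
                  "session": session_id,
                  "media": {"max_kbps": max_kbps},  # characteristics being authorized
                  "expires": now + lifetime_s,    # authorization lifetime
                  "issuer": self.manager_id}
        tag = hmac.new(self.key, _canonical(fields), hashlib.sha256).hexdigest()
        return {"fields": fields, "sig": tag}


class PolicyServer:
    """Bearer plane: admits a reservation only if the ticket authorizes it."""
    def __init__(self, kes):
        self.kes, self.key_cache, self.redeemed = kes, {}, set()

    def _issuer_key(self, issuer):
        # key fetched from the KES once, then cached to reduce overhead
        if issuer not in self.key_cache:
            self.key_cache[issuer] = self.kes.key_for(issuer)
        return self.key_cache[issuer]

    def verify(self, ticket, request, now):
        """Return 'ok' or a refusal reason.  Integrity is checked first so that
        every later field is known to be what the Session Manager issued."""
        f = ticket["fields"]
        try:
            key = self._issuer_key(f["issuer"])
        except KeyError:
            return "refused: unknown issuer"
        expected = hmac.new(key, _canonical(f), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, ticket["sig"]):
            return "refused: forged or modified"
        if now > f["expires"]:
            return "refused: expired"
        if (request["orig"], request["term"]) != (f["orig"], f["term"]):
            return "refused: endpoints do not match ticket"
        if request["kbps"] > f["media"]["max_kbps"]:
            return "refused: exceeds authorized media"
        if f["session"] in self.redeemed:
            return "refused: ticket already used"
        self.redeemed.add(f["session"])
        return "ok"


if __name__ == "__main__":
    kes = KeyExchangeServer()
    sm = SessionManager("sm.example.net", b"constructed-demo-key", kes)
    ps = PolicyServer(kes)
    t = sm.issue_ticket("10.0.0.1:5004", "10.0.1.9:5004", "sess-1", 256, 60, now=1000)
    req = {"orig": "10.0.0.1:5004", "term": "10.0.1.9:5004", "kbps": 256}
    print(ps.verify(t, req, now=1010))   # first use is admitted
    print(ps.verify(t, req, now=1020))   # same ticket again is refused
```

Binding the ticket to the endpoints and the authorized media is what stops a host from spending an authorization on a different flow or a larger one, and the short lifetime plus the redeemed-session set is what keeps tickets from being stockpiled and replayed; the Policy Server needs no knowledge of the bearer topology to make any of these checks.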

Slide 25: Protocol Impacts
- RSVP "Identity Representation"
  - Existing proposal for inserting authorization objects into RSVP messages
- COPS
  - Already contains authorization "object"
- Session Description Protocol (SDP)
  - a few new fields added to SDP (carried by SIP)

Slide 26: Discussion
- Compatible with mobile IP networks; appears attractive for 3G wireless
- Session Manager oblivious to the topology of the bearer path
- Integrate authorization / authentication with allocation
  - Establish trust before allocating resources
  - Introduce "credential" methods to ensure trust
- Topic #1, BAA01-22!

Slide 27: Results
- Reeves and Christie (Nortel): patent application, October 2000
- Hamer and Gage (Nortel): IETF submission draft-hamer-sip-session-auth-00.txt, November 2000
- Prototypes being implemented by Nortel and N.C. State

Slide 28: 3. Packet Dropping Attacks
- Maliciously cause packets to be dropped
  - All packets? Too obvious
  - Some random packets
  - Some important packets, e.g., retransmission packet
- Hard to detect
  - Packet loss might be due to normal network congestion

Slide 29: Ways to Implement Dropping Attacks
- Compromise intermediate routers
  - Easy to manipulate the victim's traffic
  - Hard to detect
  - Difficult to accomplish
- Congest intermediate routers
  - Hard to accurately control the dropping
  - Easier to detect
  - Easy to accomplish, e.g., Tribe Flood Network

Slide 30: Experiment Setting
- 4 FTP servers across the Internet
- FTP client runs Linux in SHANG lab
- Size of downloaded file is 5.5 MB
- Attack Agent
  - runs on the same host as FTP client
  - acts as a compromised router
[Figure: FTP server -- Internet -- divert socket / Attack Agent -- FTP client on Linux downloading xyz.zip (5.5M); the data packets pass through the attack agent]

Slide 31: Experiments over the Internet
- FTP client: NCSU
- FTP servers: Heidelberg, NCU, SingNet, UIUC

Slide 32: Results: Impact on Average Pkt. Delay
- 7 packets are dropped among more than 4000 packets in a connection

Slide 33: Q-Test Detection Mechanism
- Based on ideas from NIDES-STAT (SRI)
  - Collect data on "normal" behavior
  - Compare expected distribution vs. observed distribution
  - Is the deviation significant?
- Implementation: TDSAM

Slide 34: Example Experiment
- Long-term profile
  - nbin = 5, bin-width = 800
  - p1 = , p2 = , p3 = , p4 = , p5 =
- PerPD(20,4,5)
  - drop packets only in the first 85.
  - p1 = , p2 = , p3 = , p4 = , p5 =
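The Q-test of Slides 33 and 34 on the "position of dropped packet" measure, as an added Python example; it is not TDSAM and not code from NIDES-STAT or the slides. The only settings taken from the slide are nbin = 5 and bin-width = 800 (positions 0 to 3999 within a transfer of about 4000 packets) and the attack case that drops packets only among the first 85. Everything else is an assumption of this example: the long-term profile is the empirical fraction of drops per bin, the Q statistic is the chi-square-style sum of (observed - expected)^2 / expected over the bins, and the alarm threshold is the empirical (1 - false-alarm-rate) quantile of Q over windows of normal behaviour. The "normal" drop positions are constructed as uniform random positions, not measured data.

```python
# Added example of a NIDES-STAT-style Q test over dropped-packet positions;
# not TDSAM.  Assumed statistic: Q = sum_i (O_i - E_i)^2 / E_i over the bins.
import random

NBIN, BIN_WIDTH = 5, 800          # from the slide: 5 bins of 800 packet positions


def bin_index(position, nbin=NBIN, bin_width=BIN_WIDTH):
    """Bin of a dropped packet's position; positions past the last edge go in the last bin."""
    return min(int(position // bin_width), nbin - 1)


def bin_counts(window, nbin=NBIN, bin_width=BIN_WIDTH):
    counts = [0] * nbin
    for pos in window:
        counts[bin_index(pos, nbin, bin_width)] += 1
    return counts


def long_term_profile(normal_positions, nbin=NBIN, bin_width=BIN_WIDTH):
    """p_1..p_nbin: fraction of drops per bin under normal behaviour (floored so
    an empty bin cannot make Q divide by zero)."""
    counts = bin_counts(normal_positions, nbin, bin_width)
    n = len(normal_positions)
    return [max(c / n, 1e-6) for c in counts]


def q_statistic(window, profile, bin_width=BIN_WIDTH):
    """Deviation of a short-term window (positions of its drops) from the profile."""
    counts = bin_counts(window, len(profile), bin_width)
    n = len(window)
    return sum((counts[i] - n * p) ** 2 / (n * p) for i, p in enumerate(profile))


def q_threshold(normal_windows, profile, false_alarm=0.05, bin_width=BIN_WIDTH):
    """Threshold from the Q distribution over normal windows: the value that only
    `false_alarm` of them exceed (this is where the false-alarm rate is set)."""
    qs = sorted(q_statistic(w, profile, bin_width) for w in normal_windows)
    return qs[min(len(qs) - 1, int((1 - false_alarm) * len(qs)))]


def is_anomalous(window, profile, threshold, bin_width=BIN_WIDTH):
    return q_statistic(window, profile, bin_width) > threshold


def run_demo(seed=1, drops_per_window=20):
    """Returns (threshold, Q of the attack window, alarm raised?)."""
    rng = random.Random(seed)
    # constructed normal behaviour: congestion drops spread over the ~4000-packet transfer
    normal_windows = [[rng.randrange(0, 4000) for _ in range(drops_per_window)]
                      for _ in range(300)]
    profile = long_term_profile([p for w in normal_windows for p in w])
    threshold = q_threshold(normal_windows, profile)
    # constructed attack window, as on the slide: drops only among the first 85 packets
    attack_window = [rng.randrange(0, 85) for _ in range(drops_per_window)]
    q_attack = q_statistic(attack_window, profile)
    return threshold, q_attack, is_anomalous(attack_window, profile, threshold)


if __name__ == "__main__":
    print(run_demo())
```

Because every attack drop lands in the first bin, the observed counts are (20, 0, 0, 0, 0) against an expected roughly (4, 4, 4, 4, 4), so Q is near 80 while normal windows stay below the threshold of roughly 10. The same functions apply to the delay measure by binning per-packet delays instead of positions, which is how combining metrics (the slide's best result) is obtained: one profile and one Q per measure.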

Slide 35: Q-Distribution for Position of Dropped Packets

Slide 36: Q-Distribution for Packet Delay

Slide 37: Results
- Performance
  - False alarm rate: 1.1% ~ 5.8%
  - Detection rate: high in most cases except for those causing very minor damage
- Best results: use combined metrics

Slide 38: Results: Position Measure

Slide 39: Results: Delay Measure

Slide 40: Results: Packet Loss Rate Measure

Slide 41: 4. Policy Consistency Checking
- IPSec policies are created by administrators to establish VPNs
- The set of policies is supposed to implement a set of high-level requirements
  - Ex. policy 1 + policy 2 + policy 3 = no data transmitted in the clear between site A and site B
- How can you tell if the set of policies conflicts?

Slide 42: Example of a Policy Conflict
[Figure: H1 -- FW1 -- SW2 -- H2]
- Security policies
  - P1 = all packets from H1 to H2 must be authenticated to SW2
  - P2 = all packets from H1 to H2 must be encrypted from FW1 to SW2
- Result
  - P1 changes src/dest of packets from H1/H2 to H1/SW2
  - P2 is not invoked on these packets, which are therefore not encrypted
  - Security breach!
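The conflict on Slide 42, reproduced by a small simulation-based checker written as an added Python example; it is not the project's polynomial algorithm or its requirements language. Assumptions of this example: the network is the chain H1, FW1, SW2, H2; a policy is a selector on the outer header (source, destination) enforced at one node, which tunnels the packet to a far endpoint with either authentication (AH-like) or encryption (ESP-like); tunnels are removed at their endpoint; and a high-level requirement is "traffic on link X-Y must carry protection Z". The resolved policy set at the end (P2 selecting the tunnelled H1-to-SW2 packets) is one possible fix chosen for this example, not a recommendation from the slides.

```python
# Added example: simulate tunnel encapsulation along the path and check a
# high-level requirement against what each link actually carries.
from dataclasses import dataclass


@dataclass(frozen=True)
class Policy:
    name: str
    enforcer: str      # node that applies the policy
    sel_src: str       # selector: outer-header source that must match
    sel_dst: str       # selector: outer-header destination that must match
    protection: str    # "auth" (AH-like) or "enc" (ESP-like)
    tunnel_to: str     # far end of the tunnel the policy sets up


def simulate(policies, path, src, dst):
    """Walk one packet src->dst along `path`; return {link: set of protections
    present on that link}.  Headers are kept as a stack, innermost first."""
    stack = [{"src": src, "dst": dst, "prot": None}]
    links = {}
    for i, node in enumerate(path):
        # tunnels terminating at this node are stripped, outermost first
        while len(stack) > 1 and stack[-1]["dst"] == node:
            stack.pop()
        # policies enforced here match against the *outer* header only: this is
        # exactly why P2 never sees the H1->H2 packet once P1 has re-addressed it
        for p in policies:
            if p.enforcer != node:
                continue
            outer = stack[-1]
            if (outer["src"], outer["dst"]) == (p.sel_src, p.sel_dst):
                stack.append({"src": node, "dst": p.tunnel_to, "prot": p.protection})
        if i + 1 < len(path):
            links[(node, path[i + 1])] = {h["prot"] for h in stack if h["prot"]}
    return links


def find_conflicts(policies, path, src, dst, requirements):
    """requirements: (link_src, link_dst, protection) triples that must hold.
    Returns the requirements the policy set fails to implement."""
    links = simulate(policies, path, src, dst)
    return [(a, b, prot) for a, b, prot in requirements
            if prot not in links.get((a, b), set())]


PATH = ["H1", "FW1", "SW2", "H2"]
REQUIREMENTS = [("FW1", "SW2", "enc")]       # nothing in the clear on FW1-SW2
P1 = Policy("P1", "H1", "H1", "H2", "auth", "SW2")    # authenticate H1->H2 to SW2
P2 = Policy("P2", "FW1", "H1", "H2", "enc", "SW2")    # encrypt H1->H2 from FW1 to SW2
CONFLICTING = [P1, P2]
# one possible resolution (assumed for this example): P2 selects the packets as
# they actually appear at FW1 after P1's tunnel, i.e. H1 -> SW2
RESOLVED = [P1, Policy("P2", "FW1", "H1", "SW2", "enc", "SW2")]

if __name__ == "__main__":
    for name, pol in (("conflicting", CONFLICTING), ("resolved", RESOLVED)):
        print(name, simulate(pol, PATH, "H1", "H2"),
              "violations:", find_conflicts(pol, PATH, "H1", "H2", REQUIREMENTS))
```

Checking the requirement against the simulated links rather than against the policy texts is what exposes the breach: both policies read correctly on their own, and only the re-addressing performed by P1 makes P2 dead. A checker that reasons symbolically over address ranges rather than over single packets is what the polynomial algorithm on the next slide is about.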

Slide 43: Status
- Define language to specify high-level requirements
- Define what consistency checking of policies means
- Create polynomial algorithm to check for conflicts
- Resolve policy conflicts if they are found
- Tech transfer opportunity with Nortel

Slide 44: Deliverables
- Accomplished
  - Congestion pricing system papers
  - Papers: IWQoS, ICNP (3 times), net2k, Policy 2001, ...
  - Software: packet dropping attack analysis, RSVP authentication
  - Patents, standards submissions, implementation: tech transfer to Nortel
- Future
  - Software: RSVP / policy server / COPS, authorization, TCP with pricing, DiffServ attack analysis
  - Final report