Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSCE 715: Network Systems Security

Published bySilvia Boone Modified over 6 years ago

Similar presentations

Presentation on theme: "CSCE 715: Network Systems Security"— Presentation transcript:

1 CSCE 715: Network Systems Security
Chin-Tser Huang University of South Carolina

2 A Security Problem in Network
An adversary that has access to a network can insert new messages, modify current messages, or replay old messages in the network These inserted, modified, and replayed messages can go undetected until they cause severe damage to network The physical location of the adversary in network may never be determined Cannot be mitigated by end-to-end security scheme Example: denial-of-service attacks 10/05/2010

3 Denial-of-Service (DoS) Attacks
Aimed to deny normal service provided by the target computer Communication-stopping attacks ARP spoofing attack Resource-exhausting attacks Smurf attack SYN attack 10/05/2010

4 Ping Protocol Allow any computer to check whether any other computer in the Internet is up Any computer x can send a “ping” message to any computer y which replies by sending back a “pong” message (thus x knows y is up) In ping message: src = x and dst = y In pong message: src = y and dst = x ping(x, y) x y pong(y, x) 10/05/2010

5 Broadcast Ping Protocol
If in ping message dst = “all”, a copy of ping is broadcast to every computer Each computer replies by sending back a pong, and x is flooded with pong messages In ping message: src = x and dst = “all” In pong messages: src = y, y’ and dst = x pong(y´,x) ping(x,all) x y pong(y, x) 10/05/2010

6 Smurf Attack An adversary pretends to be x and broadcasts a ping message where src = x and dst = “all” Thus, x is flooded with pong messages that it has not requested: a denial-of-service attack at x a ping(x,all) pong(y´,x) x y pong(y, x) 10/05/2010

7 Countering Smurf Attack
Make each router check the src of each received message and discard the message if the src is suspicious src=x shouldn’t come to me R1 R2 R3 a ping(x, all) x y 10/05/2010

8 Clever Smurf Attack An adversary inserts a ping(x, all) message between routers R2 and R3 R3 thinks the message was forwarded by R2 and so accepts the message a R1 R2 R3 ping(x, all) x y 10/05/2010

9 Countering Clever Smurf Attack
When R3 receives a message, R3 needs to determine whether message was indeed sent by R2, or was modified or replayed by an adversary between R3 and R2 If use IPSec, will need to set up SA’s between each pair of adjacent routers: too expensive Our solution: use hop integrity protocol between each pair of adjacent routers 10/05/2010

10 Hop Integrity Let p, q be routers connected to same subnetwork
Detection of Message Modification: when q receives a message m supposedly from p, q can check that m was not modified after sent Detection of Message Replay: when q receives a message m supposedly from p, q can check that m was not a replay of an old message 10/05/2010

11 Adversary vs. Routers The adversary can perform three types of actions to disrupt communication between two routers Message loss Message modification Message replay The routers are assumed to be secure and cannot be compromised by the adversary The routers will execute hop integrity protocols that can detect and defeat the adversary actions 10/05/2010

12 Hop Integrity Protocol
Each pair of adjacent routers need to share a secret S, which is updated periodically by the two routers using a secret exchange protocol To each IP message sent between two adjacent routers, add a sequence number seq, and an integrity check d d := MD(S | hdr | seq | txt) d 20 bytes if SHA-1 MD appropriate HMAC function seq 4 bytes hdr txt IP message hdr seq d txt 10/05/2010

13 Architecture of Hop Integrity Protocols
router p router q Application s Applications Transport Transport secret exchange pe qe layer secrets secrets Network Network integrity check pw or ps qw or qs layer Subnetwork Subnetwork . 10/05/2010

14 Component of Hop Integrity Protocols
Three protocols between each pair of adjacent routers secret exchange protocol weak integrity protocol strong integrity protocol 10/05/2010

15 How to Exchange Secret Each router p has a secret S that it uses for computing the digest of every msg sent to an adjacent router q Both p and q need to know S What if p sends secret update message to q periodically? Problem due to message loss What if p sends secret update message to q periodically and q sends an ack to p? Problem due to bundling of secret exchange layer and integrity check layer 10/05/2010

16 Secret Exchange Protocol
q updates secret S used by p by sending a secret update message to p every T hours When p receives secret update message from q, p updates secret and sends an ack to q If q does not receive ack from p for t seconds, q retransmits the secret update message 10/05/2010

17 Secret Exchange Protocol
q p S S[1] S[0] = S[1] = S S[0] old S[1] new BpS[0], S[1] if S = S[0]  S = S[1] then S :=S[1] BqS if S[1] = S then S[0] :=S[1] S[0] = S[1] = S T hours S[0] old S[1] new BpS[0], S[1] if S = S[0]  S = S[1] then S :=S[1] BqS if S[1] = S then S[0] :=S[1] S[0] = S[1] = S 10/05/2010

18 Recovery from Message Loss in Secret Exchange Protocol
q p S S[1] S[0] = S[1] = S S[0] old S[1] new BpS[0], S[1] t seconds S[0] = S  S[1] BpS[0], S[1] if S = S[0] S = S[1] then S :=S[1] t seconds BqS S[1] = S  S[0] BpS[0], S[1] if S = S[0] S = S[1] then S :=S[1] BqS if S[1] = S then S[0] :=S[1] S[0] = S[1] = S 10/05/2010

19 Weak Integrity Protocol
To detect insertion and modification Each sent msg from p to q is as follows (hd | d | txt) where p computes d as d = MD(S | hd | txt) On receiving a msg, q checks if d = MD(S[0] | hd | txt)  d = MD(S[1] | hd | txt) then q forwards msg else q discards msg 10/05/2010

20 Weak Integrity Protocol
S[0] q p S S[1] (hd | d | txt) . 10/05/2010

21 Strong Integrity To detect replay, successive sequence numbers are attached to all sent msgs from p to q Problem with reset If p is reset, unbounded number of fresh messages are discarded by q If q is reset, it can accept unbounded number of replayed messages Two solutions to overcome reset Soft sequence numbers Hard sequence numbers 10/05/2010

22 Soft Sequence Numbers Successive sequence numbers are attached to all sent msgs from p to q: (hd | sq | txt) q maintains three variables exp sequence number of next msg c #msgs received cmax random value changed when c reaches it On receiving a msg, q checks if (exp  sq)  (c = cmax) then q forwards msg else q discards msg fi; q updates exp, c, cmax 10/05/2010

23 Soft Sequence Numbers q p exp sq c cmax (hd | sq | txt) sq sq+1 c = 0
. c = 1 . . c = cmax : choose new cmax, c = 0 10/05/2010

24 Strong Integrity Protocol Using Soft Sequence Numbers
Each sent msg from p to q is as follows (hd | sq | d | txt) where p computes d as d = MD(S | hd | sq | txt) On receiving a msg, q checks if (d = MD(S[0] | hd | sq | txt)  d = MD(S[1] | hd | sq | txt) )  (exp  sq  c = random value cmax) then q forwards msg else q discards msg fi; q updates exp, c, cmax 10/05/2010

25 Hard Sequence Numbers To overcome reset, use two operations SAVE and FETCH When SAVE is executed, the last sequence number will be stored in persistent memory When FETCH is executed, the last stored sequence number will be loaded from persistent memory into memory 10/05/2010

26 Strong Integrity Protocol Using Hard Sequence Numbers
Each sent msg from p to q is as follows (hd | sq | d | txt) where p computes d as d = MD(S | hd | sq | txt) On receiving a msg, q checks if (d = MD(S[0] | hd | sq | txt)  d = MD(S[1] | hd | sq | txt) )  (exp  sq) then q forwards msg else q discards msg fi; q updates exp p and q executes SAVE periodically When waking up from a reset, p (or q) executes FETCH to fetch last stored seq#, executes SAVE to store next seq#, and continues after SAVE finishes 10/05/2010

27 Tradeoff between Soft and Hard Sequence numbers
Soft sequence numbers are easier to implement Do not require SAVE and FETCH operations and do not require persistent memory Hard sequence numbers provide better security When use soft sequence numbers, adversary has a chance, although small, to guess and get its sequence number accepted When use hard sequence numbers, p and q stick to their sequence numbers and leave adversary no chance 10/05/2010

28 Other Applications of Hop Integrity
Mobile IP Secure multicast Security of routing protocols 10/05/2010

29 Mobile IP A mobile computer c can visit a foreign network F other than its home network H Msgs destined for c will be received by its home agent (HA) and forwarded to its foreign agent (FA) m m home agent (HA) c Internet m F H foreign agent (FA) 10/05/2010

30 Problem with Mobile IP Mobile computer c can send a msg thru FA
However, this msg may be filtered out by next router q because its source address is “strange” ? m q home agent (HA) c Internet m F H foreign agent (FA) 10/05/2010

31 Mobile IP with Hop Integrity
With integrity check d added to msg m, q can check that m was indeed forwarded by FA Thus, q ignores strange source of msg m and forwards m toward its ultimate destination m d m d q home agent (HA) c Internet m d F H foreign agent (FA) 10/05/2010

32 Multicast Multicast msgs are forwarded through a spanning tree from root to every multicast destination If a destination receives a multicast msg, then each destination receives a copy of same msg with high probability 10/05/2010

33 Multicast Multicast msgs are forwarded through a spanning tree from root to every multicast destination If a destination receives a multicast msg, then each destination receives a copy of same msg with high probability 10/05/2010

34 Multicast Multicast msgs are forwarded through a spanning tree from root to every multicast destination If a destination receives a multicast msg, then each destination receives a copy of same msg with high probability 10/05/2010

35 Multicast Multicast msgs are forwarded through a spanning tree from root to every multicast destination If a destination receives a multicast msg, then each destination receives a copy of same msg with high probability 10/05/2010

36 Security Problem with Multicast
If adversary inserts or modifies a multicast msg between two routers in middle of tree, then only a small fraction of multicast destinations receive the inserted or modified msg 10/05/2010

37 Multicast with Hop Integrity
With hop integrity, an inserted or modified multicast message will be detected and discarded at its first hop in the spanning tree 10/05/2010

38 Routing Information Protocol (RIP)
Every 30 seconds, RIP process in router R’ sends its routing table in a response msg to RIP process in each adjacent R R updates its routing table when it receives a response msg from any adjacent R’ Security problem R R RIP RIP UDP IP IP 10/05/2010

39 RIP with Hop Integrity With hop integrity, the response msgs are protected against message modification, insertion, and replay R R RIP RIP UDP Secret Update Secret Update IP IP Integrity Check Integrity Check 10/05/2010

40 Security of Routing Protocols
Hop integrity can also provide uniform protection (against message modification, insertion, and replay) for other routing protocols OSPF protocols (Hello, Exchange, Flood) RSVP Better than custom security mechanisms that have been proposed for some protocols 10/05/2010

41 Implementation of Hop Integrity
Implementation of hop integrity protocols in Linux kernel Add integrity check digest and soft sequence number to IP options in IP header Compatible with legacy routers Flexibility of deployment 10/05/2010

42 Related Works Ingress filtering [RFC2827] and egress filtering [RFC3013]: Completes hop integrity Secure routing: Not needed if hop integrity is installed Traceback: Cannot prevent denial-of-service attacks, but can detect some of them IPsec: Has goals other than dealing with denial-of-service attacks 10/05/2010

43 Next Class Midterm Exam on Oct. 12: good luck to all of you!
After Midterm Exam: Security in transport layer SSL and TLS Application of SSL/TLS in Web security 10/05/2010

Download ppt "CSCE 715: Network Systems Security"

Similar presentations

A CGA based Source Address Authentication Method in IPv6 Access Network(CSA) Guang Yao, Jun Bi and Pingping Lin Tsinghua University APAN26 Queenstown,

A CGA based Source Address Authentication Method in IPv6 Access Network(CSA) Guang Yao, Jun Bi and Pingping Lin Tsinghua University APAN26 Queenstown,
Security Issues In Mobile IP

Security Issues In Mobile IP
Secure Mobile IP Communication

Secure Mobile IP Communication
NS-H0503-02/11041 Attacks. NS-H0503-02/11042 The Definition Security is a state of well-being of information and infrastructures in which the possibility.

NS-H /11041 Attacks. NS-H /11042 The Definition Security is a state of well-being of information and infrastructures in which the possibility.
CISCO NETWORKING ACADEMY PROGRAM (CNAP)

CISCO NETWORKING ACADEMY PROGRAM (CNAP)
CSCE 715: Network Systems Security

CSCE 715: Network Systems Security
1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.

1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.
IP Spoofing Defense On the State of IP Spoofing Defense TOBY EHRENKRANZ and JUN LI University of Oregon 1 IP Spoofing Defense.

IP Spoofing Defense On the State of IP Spoofing Defense TOBY EHRENKRANZ and JUN LI University of Oregon 1 IP Spoofing Defense.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.

CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.

CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.
CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.

CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.
Mobile IP: Introduction Reference: “Mobile networking through Mobile IP”; Perkins, C.E.; IEEE Internet Computing, Volume: 2 Issue: 1, Jan.- Feb. 1998;

Mobile IP: Introduction Reference: “Mobile networking through Mobile IP”; Perkins, C.E.; IEEE Internet Computing, Volume: 2 Issue: 1, Jan.- Feb. 1998;
1 Chapter06 Mobile IP. 2 Outline What is the problem at the routing layer when Internet hosts move?! Can the problem be solved? What is the standard solution?

1 Chapter06 Mobile IP. 2 Outline What is the problem at the routing layer when Internet hosts move?! Can the problem be solved? What is the standard solution?
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Being an Intermediary for Another Attack Prepared By : Muhammad Majali Supervised By : Dr. Lo’ai Tawalbeh New York Institute of Technology (winter 2007)

Being an Intermediary for Another Attack Prepared By : Muhammad Majali Supervised By : Dr. Lo’ai Tawalbeh New York Institute of Technology (winter 2007)
Firewalls. Evil Hackers FirewallYour network Firewalls mitigate risk Block many threats They have vulnerabilities.

Firewalls. Evil Hackers FirewallYour network Firewalls mitigate risk Block many threats They have vulnerabilities.

Similar presentations

Ads by Google