Presentation is loading. Please wait.

Presentation is loading. Please wait.

Effective Countermeasures Against Emerging Threats in the Future Internet Salvatore D’Antonio Consorzio Interuniversitario Nazionale per l’Informatica.

Published byStephany Stone Modified over 9 years ago

Similar presentations

Presentation on theme: "Effective Countermeasures Against Emerging Threats in the Future Internet Salvatore D’Antonio Consorzio Interuniversitario Nazionale per l’Informatica."— Presentation transcript:

1 Effective Countermeasures Against Emerging Threats in the Future Internet Salvatore D’Antonio Consorzio Interuniversitario Nazionale per l’Informatica Canada-EU Future Internet Workshop March 23-24, 2011 – Waterloo, Canada

2 EC Grant Agreement n. 216585 Project overview –IN-TE-R-SE-C-T-I-O-N : INfrastructure for heTErogeneous, Resilient, SEcure, Complex, Tightly Inter-Operating Networks –ICT Call 1 of Seventh Framework Programme (FP7) –Work programme topic addressed Challenge 1: Pervasive and Trusted Network and Service Infrastructures Objective ICT-2007.1.4: Secure, dependable and trusted infrastructures –Start date: January 1st, 2008 –Duration: 24 months

3 EC Grant Agreement n. 216585 Security and resilience in network infrastructures –Design of scalable, secure and resilient network architectures in order to enable dynamic management policies ensuring end–to-end secure data transmission and service provisioning across heterogeneous infrastructures and networks; real time detection and recovery capabilities against intrusions, malfunctions and failures Trusted computing infrastructures –Design of computing infrastructures enabling interoperability and end-to-end security in order to ensure the design and development of trustworthy applications and services Context

4 EC Grant Agreement n. 216585 The Consortium ACADEMY Consorzio Interuniversitario Nazionale per l’Informatica [Italy] Lancaster University [UK] Fraunhofer Gesellschaft Zur Foerderung Der Angewandten Forschung [Germany] Eidgenoessische Technische Hochschule Zuerich [Switzerland] INDUSTRY Elsag Datamat (Coordinator) [Italy] Thales Research and Technology [UK] ITTI (SME) [Poland] END USERS Telefonica ID Investigación y Desarollo [Spain] Telespazio [Italy] Polska Telefonia Cyfrowa [Poland] ACADEMY Consorzio Interuniversitario Nazionale per l’Informatica [Italy] Lancaster University [UK] Fraunhofer Gesellschaft Zur Foerderung Der Angewandten Forschung [Germany] Eidgenoessische Technische Hochschule Zuerich [Switzerland] INDUSTRY Elsag Datamat (Coordinator) [Italy] Thales Research and Technology [UK] ITTI (SME) [Poland] END USERS Telefonica ID Investigación y Desarollo [Spain] Telespazio [Italy] Polska Telefonia Cyfrowa [Poland]

5 EC Grant Agreement n. 216585 Project motivation

6 EC Grant Agreement n. 216585 Heterogeneous networks Networks based on different low-level protocols (physical, data link) A data network composed of devices from different manufacturers and/or different types of LANs A heterogeneous network is a network connecting computers and other devices with different operating systems and/or protocols, services and applications Interconnection of different type of networks relying on different communication technologies Interconnection of networks managed by different telecom operators adopting diverse security policies

7 EC Grant Agreement n. 216585 Identify and classify the vulnerabilities of heterogeneous and interconnected network infrastructures (wired, wireless, satellite, mobile networks) Create and maintain a network vulnerability database Design and implement an integrated network security framework including different components and tools: –detecting anomalous events –reacting to well-known, as well as new kinds of anomalies –deploying truly distributed countermeasures against ongoing attacks –providing systems with mechanisms for intrusion tolerance, i.e. preventing intrusions from generating a system failure Main objectives

8 EC Grant Agreement n. 216585 INTERSECTION Vulnerability Database

9 EC Grant Agreement n. 216585 The INTERSECTION framework

10 EC Grant Agreement n. 216585 Remediation Reaction Detection Visualization Network Monitoring The real-time intrusion detection and tolerance system

11 EC Grant Agreement n. 216585 The INTERSECTION Intrusion Detection System E v e n t B u s

12 EC Grant Agreement n. 216585 Stealth attacks –“minimize the cost to and visibility of the attacker but which are about as harmful as brute force attacks” (wireless) – M. Jakobsson et al., Stealth Attacks on Ad Hoc Wireless Networks, 2003 –“become invisible (or at least very difficult to detect) to network-based defences” – A. D. Keromytis et al., Defending Against Next Generation through Network/Endpoint Collaboration and Interaction, 2007 Use case: detection of stealth attacks

13 EC Grant Agreement n. 216585 Good candidate as Stealth Attack –“The low-rate attack raises serious concern because it can be significantly harder to detect than more traditional brute-force, flooding style attacks” – H. Sun et al., Defending Against Low-rate TCP Attacks: Dynamic Detection and Protection, 2004 –“low-rate denial of service attacks, unlike high-rate attacks, are difficult for routers and counter-DoS mechanisms to detect” – E. Knightly et al., Low-rate TCP- targeted denial of service attacks and counter strategies, 2006 Low-rate DoS attack

14 EC Grant Agreement n. 216585 Short traffic bursts –maliciously chosen duration –maliciously chosen low frequency Evade rate-controlling detection mechanisms Periodically keeps the network very busy Influences the TCP congestion control mechanisms of hosts sharing network segments between the attacker and the attack target Throttles other TCP flows' rate far below their ideal value Detection of stealth attacks

15 EC Grant Agreement n. 216585 Generate traffic traces including low-rate attacks –Shrew attack tools Define traffic metrics for behavioural modelling –Statistical parameters Extract behaviour patterns for attack classification Machine learning algorithms Detection approach

16 EC Grant Agreement n. 216585 Feature vectors computation through traces processing –Ad-hoc developed Snort plug-in Feature vectors classification Traffic model extraction by means of several supervised machine learning algorithms –Decision Tree J48 –SVM –Bayesian Network –Boosting Model extraction

17 EC Grant Agreement n. 216585 The INTERSECTION demonstrator

18 EC Grant Agreement n. 216585 Contacts Website : http://www.intersection-project.eu Information : info@intersection-project.eu Project Coordinator: Stefano Vertechi svertechi@selex-si.com Technical Coordinator : Salvatore D’Antonio salvatore.dantonio@uniparthenope.it Networking Station 29 @ EU-Canada Future Internet Workshop

Download ppt "Effective Countermeasures Against Emerging Threats in the Future Internet Salvatore D’Antonio Consorzio Interuniversitario Nazionale per l’Informatica."

Similar presentations

Security in Mobile Ad Hoc Networks

Security in Mobile Ad Hoc Networks
Jacques Bus, Head of Unit DG Information Society and Media EU-US Cooperation in Network and Information Security 17 Mar, 2008 – Yale, US.

Jacques Bus, Head of Unit DG Information Society and Media EU-US Cooperation in Network and Information Security 17 Mar, 2008 – Yale, US.
1 Intrusion Monitoring of Malicious Routing Behavior Poornima Balasubramanyam Karl Levitt Computer Security Laboratory Department of Computer Science UCDavis.

1 Intrusion Monitoring of Malicious Routing Behavior Poornima Balasubramanyam Karl Levitt Computer Security Laboratory Department of Computer Science UCDavis.
Josh Alcorn Larry Brachfeld An in depth review of ad hoc mobile network & cloud security concerns.

Josh Alcorn Larry Brachfeld An in depth review of ad hoc mobile network & cloud security concerns.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
DESEREC, an ICT for Trust and Security project DESEREC: Dependability and Security by Enhanced Reconfigurability.

DESEREC, an ICT for Trust and Security project DESEREC: Dependability and Security by Enhanced Reconfigurability.
Www.mobilevce.com © 2005 Mobile VCE Securing the Future: Device & Service Security Stephen Hope, FT R&D UK Ltd on behalf of Nigel Jefferies, Vodafone Chair.

© 2005 Mobile VCE Securing the Future: Device & Service Security Stephen Hope, FT R&D UK Ltd on behalf of Nigel Jefferies, Vodafone Chair.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
1 Next-Generation Secure Internet: Security Overview and Context Adrian Perrig in collaboration with Steven Bellovin, David Clark, Dawn Song.

1 Next-Generation Secure Internet: Security Overview and Context Adrian Perrig in collaboration with Steven Bellovin, David Clark, Dawn Song.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.

UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Emerging Research Dimensions in IT Security Dr. Salar H. Naqvi Senior Member IEEE Research Fellow, CoreGRID Network of Excellence European.

Emerging Research Dimensions in IT Security Dr. Salar H. Naqvi Senior Member IEEE Research Fellow, CoreGRID Network of Excellence European.
PRIVACY, TRUST, and SECURITY Bharat Bhargava (moderator)

PRIVACY, TRUST, and SECURITY Bharat Bhargava (moderator)
Testing Intrusion Detection Systems: A Critic for the 1998 and 1999 DARPA Intrusion Detection System Evaluations as Performed by Lincoln Laboratory By.

Testing Intrusion Detection Systems: A Critic for the 1998 and 1999 DARPA Intrusion Detection System Evaluations as Performed by Lincoln Laboratory By.
Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Similar presentations

Ads by Google