Download presentation
Presentation is loading. Please wait.
Published byShanon Smith Modified over 9 years ago
1
SOS: Secure Overlay Services A.Keromytis, V. Misra, and D. Rubenstein Presented by Tsirbas Rafail
2
The main components Target Legitimate user Attacker
3
The basic idea DoS attacks succeed because the target is easy to find SOS Idea: Create an overlay and send the traffic through it
4
The Goal Allow already approved users to communicate with a target Prevent attackers packets from reaching the target The solution must be easy to distribute
5
1 st Step - Filter Routers near target filter packets according to their IP address – Legitimate users’ IP addresses allowed through – Illegitimate users’ IP addresses aren’t Problems: I)“good” and “bad” user share the same IP address II)”bad” user knows “good” user’s IP III)”good” user changes IP frequently Target Filter
6
2 nd Step - Proxy Install Proxies outside the filter whose IP addresses are permitted through the filter – Proxy only lets verified packets from legitimate sources through the filter Problem: I)Attacker pretends to be the proxy II)Attacker attacks the proxy Proxy Target
7
3 rd Step – Secret Servlet Keep the identity of the proxy secret – Name it Secret Servlet – Secret Servlet is known only by the target, and a few other points in the network
8
4 th Step – Overlays Send traffic to the secret servlet via a network overlay – Nodes: Devices – Paths: IP paths Verification can be performed inside each node Node Network overlay
9
5 th Step – SOAP Secure Overlay Access Points – Receive unverified packets and verify(IPsec,TLS) – Large number of SOAPS – Distributed firewall Node soap
10
Routing inside SOS Random route until secure servlet is reached(Inefficient) Instead use Chord service(hash function) Reaches a unique node called beacon Secret servlet, target inform beacon Node soap Node beac on
11
Overview of SOS User Node soap Node beac on Node Secure Servlet Target Secure Servlet Secure Servlet Secure Servlet beac on
12
Attacking SOS You can not directly attack target Attack secret servlet Attack beacons Attack other overlay nodes
13
Attacking Analysis Static Attack N # of nodes in the overlay SOAP = 10 Beacon = 10 Secure Servlet = 10 In order to have a successful DoS attack almost all overlay nodes must be compromised!
14
Attacking Analysis Static Attack In order to have a successful DoS attack number of beacons must be quite small!
15
Attacking Analysis Dynamic Attacks – SOS detects & removes attacked nodes – Attacker shifts from a removed node to an active one
16
Conclusions SOS protects a target from DoS attacks How? – Filter around the target – Hidden proxies – Network overlay for legitimate users to reach hidden proxies
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.