Presentation is loading. Please wait.

Presentation is loading. Please wait.

NC State / UC Davis / MCNC Protecting Network Quality of Service Against Denial of Service Attacks Douglas S. Reeves  S. Felix Wu  Dan Stephenson DARPA.

Published byElijah Park Modified over 9 years ago

Similar presentations

Presentation on theme: "NC State / UC Davis / MCNC Protecting Network Quality of Service Against Denial of Service Attacks Douglas S. Reeves  S. Felix Wu  Dan Stephenson DARPA."— Presentation transcript:

1 NC State / UC Davis / MCNC Protecting Network Quality of Service Against Denial of Service Attacks Douglas S. Reeves  S. Felix Wu  Dan Stephenson DARPA FTN PI Meeting January 17, 2001

2 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting2 Timetable and Participants Start date = August 1999 Duration = 36 months Point of contact = Dr. Kevin Kwiat, AFRL, kevin.kwiat@rl.af.mil, (315) 330-1692 No clearances Douglas ReevesN.C. State University reeves@eos.ncsu.edu (919) 515-2044 S. Felix WuU.C. Davis wu@cs.ucdavis.edu (530) 754-7070 Dan StephensonMCNC

3 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting3 QoS - A New Vulnerability Guaranteeing QoS for a “flow” requires providing adequate resources –If you can't get or keep resources, your QoS is denied Normal users will try to get maximum QoS without regard to others Malicious users will try to deny quality of service to others

4 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting4 The ARQOS Project: Overview / Basic Strategies 1.Enforceable resource allocation policies, using pricing 2.Authorization and authentication to protect QoS signaling 3.Detect QoS attacks (monitor and analyze) 4.Other 8-)

5 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting5 1.Pricing: Pay as You Go Resources are priced, users have to “pay” to get what they want Policies –"fair" allocations, prioritize users, network optimization,... Steps –Measure demand –Compute prices –Distribute prices –Adjust demand “Appropriate" timescale / resource granularity for pricing?

6 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting6 (1a. Pricing) Fixed or Variable Prices? Some users want lowest price (greatest resource amount) Some users want predictability (fixed resource amount) Goal: support both types of users

7 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting7 “Spot” (Variable) Market Timing User demands and resource prices change dynamically, asynchronously Changes in Demand Price Adjustments Time

8 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting8 Spot Market Example 160 users, MPEG video traffic, standard benchmark network

9 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting9 Spot Market Properties Fully distributed Asynchronous, dynamic Low overhead Provably fair Provably optimal But… unpredictable prices

10 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting10 Predictability: The Reservation Market Changes in Demand Price Adjustments Time Pricing Periods

11 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting11 Combining the Two Markets Split each resource into "available" and "reservable" portions Users specify their preferences for price vs. predictability Compute prices separately for available and reservable parts

12 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting12 User Preferences

13 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting13 Reservation Market Example

14 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting14 Results Ability to trade off risk (unpredictability) for reward (low prices) very flexibly –No other system combines reservations and dynamic pricing Independent of the mechanism for computing reserved prices –We predicted future demand from past demand for demonstration purposes

15 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting15 (1b. Pricing) Implementation Conventional Resource Reservation (no pricing)

16 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting16 Implementation with pricing (now)

17 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting17 Implementation with pricing and authorization (next)

18 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting18 2. Authorizing Resource Allocation Setting up connections –Control plane: Authenticate, authorize, and manage requests for services –Bearer plane: Admission control and resource reservation –These have to be coordinated! Who does what? –Hosts request the services –Session management servers implement the control plane –Policy servers and routers implement the bearer plane

19 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting19 Network Relationships

20 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting20 The Evolving Network Model Bearer path (even the first hop) highly changeable –E.g., mobility No one institution owns the whole network any more –Multiple carriers –Multiple service providers Businesses will partner, but don't want to share secrets or relinquish control –E.g., reluctant to divulge network topology information

21 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting21 Our Solution 1.Session Manager authorizes resource allocation and issues a "ticket" to the Host 2.Ticket is propagated to Policy Servers 3.Policy Server uses ticket to verify request is authorized

22 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting22 Solution Example

23 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting23 Contents of the Ticket (Example) Originating party IP address/port # Terminating party IP address/port # Session identifier Media stream characteristics being authorized Authorization lifetime (no stockpiling of tickets!) Identity of Session Manager (issuing this ticket) Signature of Session Manager –Prevents tampering with ticket contents

24 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting24 Authentication of Ticket Must not be possible to forge, modify, or reuse a ticket Assume Key Exchange Server (KES) exists and is trusted Signature based on Session Manager's key Policy Server requests key of Session Manager from Key Exchange Server for decryption –key can be cached to reduce overhead

25 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting25 Protocol Impacts RSVP "Identity Representation" –Existing proposal for inserting authorization objects into RSVP messages COPS –Already contains authorization “object” Session Description Protocol (SDP) –a few new fields added to SDP (carried by SIP)

26 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting26 Discussion Compatible with mobile IP networks, appears attractive for 3G wireless Session Manager oblivious to the topology of the bearer path Integrate authorization / authentication with allocation –Establish trust before allocating resources –Introduce "credential" methods to ensure trust Topic #1, BAA01-22!

27 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting27 Results Reeves and Christie (Nortel): patent application, October 2000 Hamer and Gage (Nortel): IETF submission draft-hamer-sip-session-auth-00.txt, November 2000 Prototypes being implemented by Nortel and N.C. State

28 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting28 3. Packet Dropping Attacks Maliciously cause packets to be dropped –All packets? Too obvious –Some random packets –Some important packets, e.g., retransmission packet Hard to detect –Packet loss might be due to normal network congestion

29 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting29 Ways to Implement Dropping Attacks Compromise intermediate routers –Easy to manipulate the victim's traffic –Hard to detect –Difficult to accomplish Congest intermediate routers –Hard to accurately control the dropping –Easier to detect –Easy to accomplish, e.g., Tribe Flood Network

30 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting30 Experiment Setting 4 FTP Servers across the Internet FTP client runs Linux 2.0.36 in SHANG lab Size of downloaded file is 5.5MB Attack Agent 4runs on the same host as FTP client 4act as a compromised router FTP Interne t Divert Socket FTP Client on Linux xyz.zip 5.5M FTP Server Attack Agent Data Packets

31 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting31 Experiments over the Internet FTP Client NCSU FTP Servers Heidelberg NCU SingNet UIUC

32 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting32 Results: Impact on Average Pkt. Delay 7 packets are dropped among more than 4000 packets in a connection

33 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting33 Q-Test Detection Mechanism Based on ideas from NIDES-STAT (SRI) –Collect data on “normal” behavior –Compare expected distribution vs observed distribution –Is the deviation significant? Implementation: TDSAM

34 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting34 Example Experiment Long-Term profile –nbin = 5, bin-width =800 –p 1 =0.194339, p 2 =0.200759, p 3 =0.197882, p 4 =0.204260, p 5 =0.202760. PerPD(20,4,5) –drop packets only in the first 85. –p 1 =0.837264, p 2 =0.039390, p 3 =0.043192, p 4 =0.041045, p 5 =0.039109.

35 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting35 Q-Distribution for Position of Dropped Packets

36 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting36 Q-Distribution for Packet Delay

37 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting37 Results Performance –False alarm rate: 1.1% ~ 5.8% –Detection rate: high on most cases except for those causing very minor damage Best results: use combined metrics

38 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting38 Results: Position Measure

39 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting39 Results: Delay Measure

40 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting40 Results: Packet Loss Rate Measure

41 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting41 4. Policy Consistency Checking IPSec policies are created by administrators to establish VPNs The set of policies is supposed to implement a set of high-level requirements –Ex. policy 1 + policy 2 + policy 3 = no data transmitted in the clear between site A and site B How can you tell if set of policies conflicts?

42 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting42 H1FW1SW2 H2 Example of a Policy Conflict Security policies –P1 = all packets from H1 to H2 must be authenticated to SW2 –P2 = all packets from H1 to H2 must be encrypted from FW1 to SW2 Result –P1 changes src/dest of packets from H1/H2 to H1/SW2 –P2 is not invoked on these packets, which are therefore not encrypted –Security breach!

43 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting43 Status Define language to specify high-level requirements Define what consistency checking of policies means  Create polynomial algorithm to check for conflicts  Resolve policy conflicts if they are found Tech transfer opportunity with Nortel

44 NC State / UC Davis / MCNC January 17, 2001 -- FTN PI Meeting44 Deliverables Accomplished –Congestion pricing system papers –Papers: iwqos, icnp (3 times), net2k, policy 2001,... –Software: packet dropping attack analysis, RSVP authentication –Patents, standards submissions, implementation: tech transfer to Nortel Future –Software: RSVP / policy server / COPS, Authorization, TCP with pricing, DiffServ attack analysis –Final report

Download ppt "NC State / UC Davis / MCNC Protecting Network Quality of Service Against Denial of Service Attacks Douglas S. Reeves  S. Felix Wu  Dan Stephenson DARPA."

Similar presentations

Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Secure Mobile IP Communication

Secure Mobile IP Communication
Traffic Shaping Why traffic shaping? Isochronous shaping

Traffic Shaping Why traffic shaping? Isochronous shaping
RSVP Cryptographic Authentication ...RSVP requires the ability to protect its messages against corruption and spoofing. This document defines a mechanism.

RSVP Cryptographic Authentication "...RSVP requires the ability to protect its messages against corruption and spoofing. This document defines a mechanism.
CMPE208 Presentation Terminal Access Controller Access Control System Plus (TACACS+) By MARVEL (Libing, Bhavana, Ramya, Maggie, Nitin)

CMPE208 Presentation Terminal Access Controller Access Control System Plus (TACACS+) By MARVEL (Libing, Bhavana, Ramya, Maggie, Nitin)
1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.

1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.
Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.

Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.
6 The IP Multimedia Subsystem Selected Topics in Information Security – Bazara Barry.

6 The IP Multimedia Subsystem Selected Topics in Information Security – Bazara Barry.
Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.

Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
A Case for Relative Differentiated Services and the Proportional Differentiation Model Constantinos Dovrolis Parameswaran Ramanathan University of Wisconsin-Madison.

A Case for Relative Differentiated Services and the Proportional Differentiation Model Constantinos Dovrolis Parameswaran Ramanathan University of Wisconsin-Madison.
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.

An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
UNCW UNCW SIGGRAPH 2002 Topic #3: Continuous Media in Wired and Wireless Environments Ronald J. Vetter Department of Computer Science University of North.

UNCW UNCW SIGGRAPH 2002 Topic #3: Continuous Media in Wired and Wireless Environments Ronald J. Vetter Department of Computer Science University of North.
01/04/2007ecs236 winter 20071 Intrusion Detection ecs236 Winter 2007: Intrusion Detection #2: Anomaly Detection Dr. S. Felix Wu Computer Science Department.

01/04/2007ecs236 winter Intrusion Detection ecs236 Winter 2007: Intrusion Detection #2: Anomaly Detection Dr. S. Felix Wu Computer Science Department.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Design of Efficient and Secure Multiple Wireless Mesh Network Speaker: Hsien-Pang Tsai Teacher: Kai-Wei Ke Date: 2005/06/28.

Design of Efficient and Secure Multiple Wireless Mesh Network Speaker: Hsien-Pang Tsai Teacher: Kai-Wei Ke Date: 2005/06/28.
01/04/2006ecs236 winter 20061 Intrusion Detection ecs236 Winter 2006: Intrusion Detection #3: Anomaly Detection Dr. S. Felix Wu Computer Science Department.

01/04/2006ecs236 winter Intrusion Detection ecs236 Winter 2006: Intrusion Detection #3: Anomaly Detection Dr. S. Felix Wu Computer Science Department.
Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.

Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

Similar presentations

Ads by Google