Presentation on theme: "NS-H0503-02/11041 Attacks. NS-H0503-02/11042 The Definition Security is a state of well-being of information and infrastructures in which the possibility."— Presentation transcript:
NS-H /11041 Attacks
NS-H /11042 The Definition Security is a state of well-being of information and infrastructures in which the possibility of successful yet undetected theft, tampering, and disruption of information and services is kept low or tolerable Security rests on confidentiality, authenticity, integrity, and availability
NS-H /11044 Security Threats and Attacks A threat is a potential violation of security. –Flaws in design, implementation, and operation. An attack is any action that violates security. –Active adversary. Common threats: –Snooping/eavesdropping, alteration, spoofing, repudiation of origin, denial of receipt, delay and denial of service.
NS-H /11045 Types of Attacks Passive ThreadsActive Threads Release of Message Contents Traffic Analysis MasqueradeReplayModification of Message Contents Denial of Service
NS-H /11046 Attacks, Services and Mechanisms Security Attack: –Any action that compromises the security of information. Security Mechanism: –A mechanism that is designed to detect, prevent, or recover from a security attack. Security Service: – A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.
NS-H /11047 Security Attacks Interruption: –attack on availability Interception: –attack on confidentiality Modfication: –attack on integtrity Fabrication: –attack on authenticity
NS-H /11048 Security Attacks
NS-H /11049 Eavesdropping - Message Interception Attack on Confidentiality Unauthorized access to information Packet sniffers and wiretappers Illicit copying of data and programs SR Eavesdropper
NS-H / Tampering With Messages Integrity Attack Stop the flow of the message Delay and optionally modify the message Release the message again SR Perpetrator
NS-H / Fabrication Authenticity Attack Unauthorized assumption of other’s identity Generate and distribute objects under this identity SR Masquerader: from S
NS-H / Attack on Availability Destroy hardware (cutting fiber) or software Modify software in a subtle way (alias commands) Corrupt packets in transit Blatant denial of service (DoS): –Crashing the server –Overwhelm the server (use up its resource) SR
NS-H / Threat Examples - IP Spoofing A common first step to many threats. Source IP address cannot be trusted! IP PayloadIP Header SRC: source DST: destination SRC: DST: Is it really from Columbia University?
NS-H / Routers Only Care About Destination xx xx.xx Rtr src: dst: Columbia Georgia Tech xxRtr src: dst: Stanford
NS-H / Why Should I Care? Attack packets with spoofed IP address help hide the attacking source. A smurf attack launched with your host IP address could bring your host and network to their knees. Higher protocol layers (e.g., TCP) help to protect applications from direct harm, but not enough.
NS-H / Current IPv4 Infrastructure No authentication for the source Various approaches exist to address the problem: –Router/firewall filtering –TCP handshake
NS-H / Router Filtering xx Rtr src: dst: Stanford Hey, you shouldn’t be here! Decide whether this packet, with certain source IP address, should come from this side of network. Not standard - local policy.
NS-H / Router Filtering Very effective for some networks (ISP should always do that!) –At least be sure that this packet is from some particular subnet Problems: –Hard to handle frequent add/delete hosts/subnets or mobileIP –Upsets customers should legitimate packets get discarded –Need to trust other routers
NS-H / TCP Handshake client server SYN seq=x SYN seq=y, ACK x+1 ACK y+1 connection established
NS-H / TCP Handshake xx xx.xx Rtr Columbia Georgia Tech xxRtr src: dst: Stanford x seq=y, ACK x+1 The handshake prevents the attacker from establishing a TCP connection pretending to be
NS-H / TCP Handshake Very effective for stopping most such attacks Problems: –The attacker can succeed if “y” can be predicted –Other DoS attacks are still possible (e.g., TCP SYN-flood)
NS-H / IP Spoofing & SYN Flood X establishes a TCP connection with B assuming A’s IP address A B X (1) SYN Flood (2) predict B’s TCP seq. behavior SYN(seq=m),src=A (3)(4)SYN(seq=n)ACK(seq=m+1) (5) ACK(seq=n+1)
NS-H / Vulnerability A vulnerability (or security flaw) is a specific failure of the security controls. Using the failure to violate the site security: exploiting the vulnerability; the person who does this: an attacker. It can be due to: –Lapses in design, implementation, and operation procedures. –Even security algorithms/systems are not immune! We will go over some examples in this course.
NS-H / IP Protocol-related Vulnerabilities Authentication based on IP source address –But no effective mechanisms against IP spoofing Consequences (possible exploits) –Denial of Service attacks on infrastructures, e.g. IP Spoofing and SYN Flood Smurf and Fraggle attacks OSPF Max Sequence
NS-H / Methods of Defence Encryption Software Controls (access limitations in a data base, in operating system protect each user from other users) Hardware Controls (smartcard) Policies (frequent changes of passwords) Physical Controls
NS-H / Impact of Attacks Theft of confidential information Unauthorized use of –Network bandwidth –Computing resource Spread of false information Disruption of legitimate services All attacks can be related and are dangerous!
NS-H / The Security Life Cycle The iterations of –Threats –Policy –Specification –Design –Implementation –Operation and maintenance