1 © 2003 By Default! A Free sample background from www.powerpointbackgrounds.com Slide 1
SAVE: Source Address Validity Enforcement Protocol
Authors: Li, Mirkovic, Wang, Reiher, Zhang
Presented By: Michael Pincott
Date: 07/22/2003

2 Outline
Introduction
Design Principles
 – SAVE Protocol
 – SAVE Update
SAVE Protocol
 – Architecture
 – Data Structures
SAVE Updates
 – Generation
 – Tree Updates
 – Processing
 – Maintenance
 – Forwarding
Security
Simulation
Deployment
Conclusions
Appendix

3 SAVE: Introduction
IP packets must carry a correct source address.
 – Forging the IP source address enables:
   Anonymity
   DDoS attacks
   TCP SYN floods
   Smurf attacks

4 SAVE: Introduction
Existing methods of handling forged source addresses:
 – Tracing the attack back to its source with the help of system administrators.
 – Ingress filtering.
 – Filtering forged packets on the basis of the forwarding table (a reverse-path check). This assumes the route back to a source mirrors the route from it, which does not hold under asymmetric routing.
 – Cryptographic authentication.

5 SAVE: Introduction
Solution:
 – Build reliable router tables that specify, for each incoming interface, the source addresses allowed to arrive on it.
 – Run on individual routers.

6 Outline (repeat of slide 2)

7 Design Principles
SAVE Protocol:
 – Routing Protocol Independence
 – Immediate Response to Routing Changes
 – Security
 – Incremental Deployment
 – Low Overhead

8 Design Principles
SAVE Updates:
 – End-to-End Communication
 – Aggregation of SAVE Updates
 – Minimize Duplication

9 Outline (repeat of slide 2)

10 SAVE Protocol
Build router tables that specify the valid source addresses on each incoming interface.
SAVE updates are then sent to downstream routers so that they can build tables listing the valid source addresses that can arrive on each of their incoming interfaces.
A SAVE update consists of three fields: destination address space, address space vector, and appendable flag.

11 SAVE Protocol
Example – SAVE Updates:
 – Router B forwards packets from a network whose source addresses lie in 131.192.0.0/16 and sends this information to router A.
 – Router A is connected to routers R and r through interfaces 1 and 2.
 – Router A forwards the SAVE information through interfaces 1 and 2 to routers R and r.

12 SAVE Protocol
Example – Routing Changes:
 – (b) Router A keeps a list of the source addresses it expects to receive on each incoming interface.
 – Link DB goes down.
 – (c) SAVE updates inform router A to expect the valid source addresses on different interfaces.

13 SAVE Protocol
Example – Routing Changes and Incoming Tree Updates:
 – (a) Router A has a tree listing all the valid source addresses arriving at each interface.
 – Link DB goes down.
 – (b) The tree is updated to reflect the change in network topology caused by link DB's failure.

14 SAVE Protocol
Tree Attributes:
 – The tree is constructed from SAVE updates.
 – Tree nodes represent specific source address spaces.
 – Child nodes inherit the same incoming interface as their parent.

15 SAVE Protocol (no transcript text on this slide)

16 Outline (repeat of slide 2)

17 SAVE Updates
Updates consist of <destination space D, address space vector ASV, appendable = true/false>:
 – Destination space D is the address space the SAVE update is destined for.
 – Address space vector ASV records the source address spaces on the path the SAVE update has traversed en route to the destination.
 – Appendable is a flag that allows routers en route to the destination to append their own address spaces to the ASV.
Updates are encapsulated inside an IP datagram whose destination address is randomly chosen from D.

18 SAVE Updates
SAVE updates en route to the destination pass through other SAVE routers. Each intermediate router updates its SAVE tree based on the source address spaces in the ASV field of the update.
If the appendable flag is true, the intermediate SAVE router may append its own address spaces to the ASV field before forwarding.

19 SAVE Updates
SAVE Update Processing:
 – When a router receives a SAVE update it must perform some processing to maintain its tree.
 – It records the path that the SAVE update has traversed.
 – Encapsulation in an ordinary IP datagram ensures the SAVE update follows the same path to the destination as data packets do.

20 SAVE Updates
ASV Maintenance:
 – If a router initiates a SAVE update to a destination to which it has just transmitted another SAVE update, the appendable flag can be set to false, since there is no need to resend redundant data.
 – Downstream routers can still read the ASV field but cannot append to it.

21 SAVE Updates
SAVE Update Forwarding:
 – SAVE updates are sent toward every destination in the router's IP forwarding table.
 – Where there are multiple next hops to the same destination, SAVE duplicates the update and forwards a copy to each of them.
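The generation, tree-update, processing and forwarding steps of slides 10 through 21, carried through in working code as an added example; this is not the authors' code nor the simulator used in the paper. It assumes a constructed five-router topology, shortest-path forwarding as a stand-in for RIP/BGP, interfaces named after the neighbouring router, and a single next hop per destination (no duplication for multipath). The link failure at the end reproduces the routing-change case of slides 12 and 13, including the window in which a valid packet would be dropped before the new updates arrive.

```python
"""Toy SAVE simulator (added example, not the authors' code).

Routers own address spaces, build shortest-path forwarding tables over a
constructed topology (standing in for RIP/BGP), then exchange SAVE updates
<destination space, address space vector (ASV), appendable> hop by hop along
the same path data packets take.  Each router keeps an incoming tree: every
address space in an ASV is attached to the space after it, and the last
space to the arrival interface, so prefixes behind a router inherit its
interface.  Interface names are the neighbour on the other end of the link
(an assumption made for readability).
"""
import ipaddress
from collections import deque

# Constructed five-router topology: name -> (owned prefixes, neighbours)
TOPOLOGY = {
    "A": (["10.1.0.0/16"], ["B", "C"]),
    "B": (["10.2.0.0/16"], ["A", "D", "E"]),
    "C": (["10.3.0.0/16"], ["A", "D"]),
    "D": (["10.4.0.0/16"], ["B", "C"]),
    "E": (["10.5.0.0/16"], ["B"]),
}


class Router:
    def __init__(self, name, prefixes):
        self.name = name
        self.prefixes = [ipaddress.ip_network(p) for p in prefixes]
        self.forwarding = {}          # destination prefix -> next-hop router
        # Incoming tree: prefix -> parent prefix, or ("iface", name) at a root.
        self.parent = {p: ("iface", "local") for p in self.prefixes}

    def incoming_interface(self, prefix):
        """Walk up the tree: a child inherits its parent's interface."""
        node = prefix
        while not isinstance(self.parent[node], tuple):
            node = self.parent[node]
        return self.parent[node][1]

    def expected_interface(self, src_ip):
        """Longest-prefix match of a source address against the tree."""
        addr = ipaddress.ip_address(src_ip)
        best = max((p for p in self.parent if addr in p),
                   key=lambda p: p.prefixlen, default=None)
        return None if best is None else self.incoming_interface(best)

    def accept(self, src_ip, arrived_on):
        """The filtering decision: True for valid, False for spoofed or unknown."""
        return self.expected_interface(src_ip) == arrived_on

    def process_update(self, update, arrived_on):
        """Attach the ASV chain under the arrival interface; return what to forward."""
        asv = list(update["asv"])           # asv[0] is the originator's space,
        for i, space in enumerate(asv):     # asv[-1] the space nearest to us
            self.parent[space] = asv[i + 1] if i + 1 < len(asv) else ("iface", arrived_on)
        if update["dest"] in self.prefixes:
            return None                     # we are the destination space
        if update["appendable"]:
            asv.extend(self.prefixes)       # downstream routers learn our space too
        return {"dest": update["dest"], "asv": asv, "appendable": update["appendable"]}


class Network:
    def __init__(self, topology):
        self.routers = {n: Router(n, p) for n, (p, _) in topology.items()}
        self.links = {frozenset((a, b)) for a, (_, nbs) in topology.items() for b in nbs}

    def neighbours(self, name):
        return sorted(b for link in self.links if name in link for b in link if b != name)

    def compute_routes(self):
        """Recompute every forwarding table; return the (router, dest) entries that changed."""
        changed = []
        for r in self.routers.values():
            first_hop, queue = {r.name: None}, deque([r.name])
            while queue:                                   # BFS shortest paths
                cur = queue.popleft()
                for nb in self.neighbours(cur):
                    if nb not in first_hop:
                        first_hop[nb] = nb if cur == r.name else first_hop[cur]
                        queue.append(nb)
            table = {p: first_hop[o.name] for o in self.routers.values()
                     if o is not r and o.name in first_hop for p in o.prefixes}
            changed += [(r, dest) for dest, hop in table.items() if r.forwarding.get(dest) != hop]
            r.forwarding = table
        return changed

    def run_save(self, pairs):
        """Each changed (router, dest) entry originates a fresh update toward dest."""
        for src, dest in pairs:
            update = {"dest": dest, "asv": list(src.prefixes), "appendable": True}
            hop = src
            for _ in range(len(self.routers)):      # hop limit guards against loops
                nxt = hop.forwarding.get(update["dest"])
                if nxt is None:
                    break
                update = self.routers[nxt].process_update(update, arrived_on=hop.name)
                if update is None:
                    break
                hop = self.routers[nxt]

    def converge(self):
        self.run_save(self.compute_routes())

    def fail_link(self, a, b):
        self.links.discard(frozenset((a, b)))
        return self.compute_routes()


if __name__ == "__main__":
    net = Network(TOPOLOGY)
    net.converge()
    d = net.routers["D"]
    print("D expects 10.5.0.7 on", d.expected_interface("10.5.0.7"))   # B
    print("spoofed 10.3.0.1 via B accepted?", d.accept("10.3.0.1", "B"))  # False
    changed = net.fail_link("B", "D")
    print("valid 10.5.0.7 via C before updates?", d.accept("10.5.0.7", "C"))  # False (transient)
    net.run_save(changed)
    print("D now expects 10.5.0.7 on", d.expected_interface("10.5.0.7"))  # C
```

Only routers whose forwarding entry changed originate new updates, yet D ends up expecting E's prefix on the new interface: E's node hangs under B's in D's tree, so re-rooting B moves E with it (the child-inherits-parent rule of slide 14).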

22 Outline (repeat of slide 2)

23 Security
Securing SAVE is similar to securing routing protocols.
SAVE updates should be exchanged between routers, not hosts.
 – Attackers would then have to compromise routers to mount attacks on SAVE.
Routers should establish trust relationships prior to exchanging SAVE updates.
SAVE updates should be signed or encrypted.
Processing of SAVE updates should require minimal overhead, so that the update channel itself cannot be used for DoS attacks.
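One way to realise the three requirements above (router-to-router trust, signed updates, cheap rejection of junk), as an added example that is not part of the original presentation or the SAVE paper: adjacent routers share a per-link key (assumed to be provisioned out of band), the sender authenticates each update with HMAC-SHA256 over a canonical encoding plus a sequence number, and the receiver runs the cheapest checks first and rejects anything unauthenticated before touching its tree. Hop-by-hop keys fit SAVE because an intermediate router that appends to the ASV must re-sign for the next hop anyway.

```python
"""Hop-by-hop authentication of SAVE updates (added example, not the authors' code).

Each pair of adjacent SAVE routers shares a key (assumed provisioned out of
band).  The sender MACs the update fields with HMAC-SHA256 and a per-link
sequence number; the receiver verifies before any tree processing, ordering
the checks so that unauthenticated traffic costs as little CPU as possible.
"""
import hashlib
import hmac
import json

# Constructed key table for one router: neighbour name -> per-link key
SHARED_KEYS = {
    "B": b"key-shared-between-A-and-B",
    "C": b"key-shared-between-A-and-C",
}


def encode(body):
    """Canonical bytes for the MAC'd fields: sorted keys, no whitespace."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign_update(sender, key, seq, dest, asv, appendable):
    """Build an authenticated SAVE update for the next hop."""
    body = {"from": sender, "seq": seq, "dest": dest, "asv": asv, "appendable": appendable}
    tag = hmac.new(key, encode(body), hashlib.sha256).hexdigest()
    return {**body, "mac": tag}


class Receiver:
    def __init__(self, keys):
        self.keys = keys
        self.last_seq = {}   # per neighbour: highest sequence number accepted

    def verify(self, msg, arrived_on):
        """Return (ok, reason). Cheap structural checks, then MAC, then replay."""
        # 1. Only a trusted neighbour router may speak SAVE on this interface.
        if msg.get("from") != arrived_on or arrived_on not in self.keys:
            return False, "not from a trusted neighbour router"
        # 2. Recompute the MAC over every field except the tag; constant-time compare.
        body = {k: v for k, v in msg.items() if k != "mac"}
        expected = hmac.new(self.keys[arrived_on], encode(body), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, str(msg.get("mac", ""))):
            return False, "bad MAC"
        # 3. Reject replays of old updates, which could resurrect stale tree state.
        seq = int(msg.get("seq", -1))
        if seq <= self.last_seq.get(arrived_on, -1):
            return False, "replayed or stale update"
        self.last_seq[arrived_on] = seq
        return True, "ok"
```

Encryption, which the slide also mentions, would additionally hide the address-space vectors from an on-path observer; authentication alone is what stops a host or rogue router from poisoning the incoming tree.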

24 Outline (repeat of slide 2)

25 Simulation
Goals:
 – Test whether all spoofed packets are detected and dropped.
 – Test whether valid packets are accidentally dropped.
 – Test the transient behavior of SAVE.
 – Determine the cost of SAVE in terms of overhead.

26 Simulation
Simulation Details:
 – A custom simulation environment was used.
 – SAVE runs alongside the routing protocols.
 – Inter- and intra-domain connectivity tested using the transit-stub topology generator from GT-ITM.
 – BGP used for inter-domain routing and RIP for intra-domain routing.

27 Simulation
Effectiveness:
 – Three packet sources simulated.
 – Each packet source generates valid and spoofed packets using independent Poisson processes.
 – Numerous scenarios with different topologies tested.
 – Only spoofed packets are shown in Figure 5.
 – Results show that SAVE catches and drops all spoofed packets.

28 Simulation
Transient Behavior:
 – Occurs when a new route to a destination is established: SAVE trees need time to be rebuilt and propagated through the network via SAVE updates.
 – The assumption is that the propagation delay of a SAVE update equals that of a data packet.
 – If data packets are sent while a SAVE update is still being generated in response to a forwarding change, spoofed packets may reach the destination before the update does; they appear valid under the obsolete incoming information.
 – Conversely, SAVE may treat a valid packet as spoofed if it arrives at a router before the incoming trees and tables have been rebuilt.
 – Experiments (not described in the text) showed no filtering drops of valid packets due to routing changes.

29 Simulation
Cost (Bandwidth Used):
 – Measured the bandwidth and storage required for SAVE versus the routing protocols (RIP, BGP).
 – Incoming SAVE tables can be minimized by leveraging symmetries in network routing.
 – Minimization compares the valid incoming interfaces for a given address space against its outgoing interface.
 – The level of minimization depends on the degree of symmetry in the network.
 – For single-domain topologies, bandwidth used is 3.2 Kbps to 6.9 Kbps.
 – For multi-domain topologies, bandwidth used is 0.6 Kbps to 6.4 Kbps.

30 Simulation (no transcript text on this slide)

31 Simulation (no transcript text on this slide)

32 Simulation
Cost (Bandwidth used in random link failure simulations):
 – Simulations compare the bandwidth cost of SAVE with that of BGP and RIP when random link failures are introduced.
 – Specific topologies with 90 and 97 links were tested.
 – Costs for SAVE and the routing protocols vary with the severity of link failure.
 – In general, SAVE costs less under the random link failure model than the routing protocols do.
 – A link failure does not always trigger SAVE updates, since some forwarding tables are unaffected by it; this leads to less bandwidth used.

33 Simulation (no transcript text on this slide)

34 Simulation (no transcript text on this slide)

35 Simulation (no transcript text on this slide)

36 Outline (repeat of slide 2)

37 Deployment
Deployment:
 – SAVE must be effective even when partially deployed.
 – Packets whose source address reaches a SAVE router through a legacy (non-SAVE) router, and hence cannot be verified by SAVE, can be flagged as suspicious.
 – Deploying SAVE in a regional router protects the region from a type of TCP SYN attack in which a victim's source address is spoofed and the victim is then flooded with SYN-ACK responses.
 – Regional SAVE deployment limits the number of spoofable addresses.
 – Purdue's research on distributed packet filtering is complementary to SAVE and shows that even partial deployment decreases the chance of successful attacks.

38 Deployment
Mobile IP and Tunnelling:
 – Mobile hosts carry their home IP address, so SAVE rejects a mobile host's packets when it is outside its home network.
 – The reverse tunnelling technique also works with SAVE: return packets are sent to the home network and then forwarded to the mobile host.
 – IPv6 has a "care-of address", which solves this problem.
 – In IP tunnelling, a packet's source address is buried inside a wrapping IP header; SAVE must be able to look inside the packet to find the true source address.
 – Known tunnel end points can have special SAVE updates.
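The "look inside the packet" step for IP tunnelling, as an added example (not code from the presentation or the SAVE paper): a parser that peels IPv4-in-IPv4 encapsulation (IP protocol 4) to reach the inner source address and then applies the incoming-table check to that address rather than to the outer one. It assumes a small set of configured tunnel endpoints, standing in for the "special SAVE updates" the slide mentions, and decapsulates only packets whose outer source is one of them, so an attacker cannot wrap a spoofed packet in a tunnel header to bypass the check. The packet bytes are constructed inline, with header checksums left zero because they are not verified here.

```python
"""Finding the true source of an IP-in-IP packet (added example, not the authors' code).

A SAVE router must validate the inner source address of a tunnelled packet.
This parser handles IPv4-in-IPv4 (IP protocol 4), decapsulating only when the
outer source is a configured tunnel endpoint (an assumption standing in for
the special SAVE updates the slide mentions for known tunnel end points).
"""
import ipaddress
import struct

IPPROTO_IPIP = 4
TUNNEL_ENDPOINTS = {ipaddress.ip_address("198.51.100.1")}   # constructed config


def parse_ipv4(buf):
    """Return (src, dst, proto, header_len) for the IPv4 header at the start of buf."""
    if len(buf) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, _, _, _, _, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", buf[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (ver_ihl & 0x0F) * 4
    if ihl < 20 or len(buf) < ihl:
        raise ValueError("bad IHL")
    return ipaddress.ip_address(src), ipaddress.ip_address(dst), proto, ihl


def true_source(packet, max_depth=2):
    """Peel a bounded number of IP-in-IP layers and return the innermost source."""
    depth = 0
    while True:
        src, _, proto, ihl = parse_ipv4(packet)
        if proto != IPPROTO_IPIP:
            return src
        if src not in TUNNEL_ENDPOINTS:
            raise ValueError(f"IP-in-IP from non-tunnel endpoint {src}")
        depth += 1
        if depth > max_depth:
            raise ValueError("too many encapsulation layers")
        packet = packet[ihl:]


def validate(packet, arrived_on, incoming):
    """Apply the SAVE check to the true source. incoming: {IPv4Network: interface name}."""
    try:
        src = true_source(packet)
    except ValueError as err:
        return False, str(err)
    best = max((p for p in incoming if src in p), key=lambda p: p.prefixlen, default=None)
    if best is None:
        return False, f"no incoming-table entry for {src}"
    return incoming[best] == arrived_on, f"{src} expected on {incoming[best]}"


def ipv4_header(src, dst, proto, payload_len, ttl=64):
    """Minimal 20-byte IPv4 header (checksum left zero) for the constructed packets."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, ttl, proto, 0,
                       ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)


# Constructed packets: an inner TCP-ish packet, once tunnelled from a known endpoint,
# once wrapped by an unknown host, and a plain untunnelled UDP packet.
INNER = ipv4_header("10.5.0.7", "10.4.0.9", 6, 8) + b"\x00" * 8
TUNNELLED = ipv4_header("198.51.100.1", "203.0.113.5", IPPROTO_IPIP, len(INNER)) + INNER
ROGUE = ipv4_header("192.0.2.66", "203.0.113.5", IPPROTO_IPIP, len(INNER)) + INNER
PLAIN = ipv4_header("10.3.0.1", "10.4.0.9", 17, 4) + b"\x00" * 4

# Constructed incoming table: the tunnel's inner prefix is expected on the tunnel interface.
INCOMING = {
    ipaddress.ip_network("10.5.0.0/16"): "tun0",
    ipaddress.ip_network("10.3.0.0/16"): "C",
}

if __name__ == "__main__":
    for name, pkt, iface in [("tunnelled", TUNNELLED, "tun0"), ("rogue", ROGUE, "tun0"),
                             ("plain", PLAIN, "C")]:
        print(name, validate(pkt, iface, INCOMING))
```

GRE (IP protocol 47) and IPv6-in-IPv4 (protocol 41) would need their own header parsers before the same endpoint and depth checks; the depth bound matters because nested encapsulation is otherwise a cheap way to make a filter do unbounded work per packet.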

39 Outline (repeat of slide 2)

40 Conclusion
SAVE provides source-address validation without computationally expensive cryptography.
SAVE uses its tables and trees to block spoofed source addresses with no more complexity than routing protocols already require.
SAVE can help defend against the DoS and DDoS attacks currently plaguing the Internet.

41 Outline (repeat of slide 2)

42 Appendix (no transcript text on this slide)

43 Appendix (no transcript text on this slide)

