Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 18 Page 1 CS 236 Online Advanced Research Issues In Security: Securing Key Internet Technologies CS 236 On-Line MS Program Networks and Systems.

Published byJasmine Ross Modified over 8 years ago

Similar presentations

Presentation on theme: "Lecture 18 Page 1 CS 236 Online Advanced Research Issues In Security: Securing Key Internet Technologies CS 236 On-Line MS Program Networks and Systems."— Presentation transcript:

1 Lecture 18 Page 1 CS 236 Online Advanced Research Issues In Security: Securing Key Internet Technologies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher

2 Lecture 18 Page 2 CS 236 Online Outline Routing security DNS security

3 Lecture 18 Page 3 CS 236 Online Routing Security Routing protocols control how packets flow through the Internet If they aren’t protected, attackers can alter packet flows at their whim Most routing protocols were not built with security in mind

4 Lecture 18 Page 4 CS 236 Online Routing Protocol Security Threats Threats to routing data secrecy –Usually not critical Threats to routing protocol integrity –Very important, since tampering with routing integrity can be bad Threats to routing protocol availability –Potential to disrupt Internet service

5 Lecture 18 Page 5 CS 236 Online What Could Really Go Wrong? Packets could be routed through an attacker Packets could be dropped –Routing loops, blackhole routing, etc. Some users’ service could be degraded The Internet’s overall effectiveness could be degraded –Slow response to failures –Total overload of some links Many types of defenses against other attacks presume correct routing

6 Lecture 18 Page 6 CS 236 Online Where Does the Threat Occur? At routers, mostly Most routers are well-protected –But... –Several vulnerabilities have been found in routers Also, should we always trust those running routers?

7 Lecture 18 Page 7 CS 236 Online Different Types of Routing Protocols Link state –Tell everyone the state of your links Distance vector –Tell nodes how far away things are Path vector –Tell nodes the complete path between various points On demand protocols –Figure out routing once you know you two nodes need to communicate

8 Lecture 18 Page 8 CS 236 Online Popular Routing Protocols BGP –Path vector protocol used in core Internet routing –Arguably most important protocol to secure RIP –Distance vector protocol for small networks OSPF ISIS Ad hoc routing protocols

9 Lecture 18 Page 9 CS 236 Online Fundamental Operations To Be Protected One router tells another router something about routing –A path, a distance, contents of local routing table, etc. A router updates its routing information A router gathers information to decide on routing

10 Lecture 18 Page 10 CS 236 Online Protecting BGP BGP is probably the most important protocol to protect Handles basic Internet routing Works at autonomous system (AS) level –Rather than router level

11 Lecture 18 Page 11 CS 236 Online BGP Issues BGP is spoken (mostly) between routers in autonomous systems On direct network links to their partner Over TCP sessions that are established with known partners –Easily encrypted, if desired Isn’t that enough to give reasonable security?

12 Lecture 18 Page 12 CS 236 Online A Counterexample Pakistan became upset with YouTube over posting of “blasphemous” video (2008) Responded by injecting a BGP update that sent all traffic to YouTube to a site in Pakistan –Which probably dropped it all Rendered YouTube unavailable worldwide (well, 2/3s of world) –Probably due to error, not malice

13 Lecture 18 Page 13 CS 236 Online How Did This Happen? Pakistan injected a BGP update advertising a path to YouTube –Which they had no right to do It got automatically propagated by BGP Everyone knows YouTube isn’t in Pakistan But the routing protocol didn’t Security required to prevent other future incidents

14 Lecture 18 Page 14 CS 236 Online Another Example In 2010, China rerouted a lot of US traffic through its servers –Traffic purely internal to the US –Lots of military, government, commercial traffic Based on bogus BGP route advertisements Possibly errors, not attacks, but...

15 Lecture 18 Page 15 CS 236 Online A Side Issues on This Story Much Internet design assumes major parties play by the rules Pakistan didn’t Not desirable to base Internet’s security on this assumption Though sometimes not many other choices

16 Lecture 18 Page 16 CS 236 Online Basic BGP Security Issue ABCDE FG 1.2.3.* A wants to tell everyone how to get to 1.2.3.* 1.2.3.* A A B,A 1.2.3.* C,B,A 1.2.3.* D,C,B,A What do we need to protect?

17 Lecture 18 Page 17 CS 236 Online Well, What Could Go Wrong? ABCDE FG 1.2.3.* A What if A doesn’t own 1.2.3.*? What if router A isn’t authorized to advertise 1.2.3.*? What if router D alters the path? 1.2.3.* D,F

18 Lecture 18 Page 18 CS 236 Online Two Sub-Problems Security of Origin (SOA) –Who is allowed to advertise a path to an IP prefix? Path Validation (PV) –Is the path someone gives to me indeed a correct path?

19 Lecture 18 Page 19 CS 236 Online How Do We Solve These Problems? SOA - Advertising routers must prove prefix ownership –And right to advertise paths to that prefix PV - Paths must be signed by routers on them –Must avoid cut-and-paste and replay attacks

20 Lecture 18 Page 20 CS 236 Online S-BGP One example solution A protocol designed to solve most of the routing security issues for BGP Intended to be workable with existing BGP protocol Key idea is to tie updates to those who are allowed to make them –And to those who build them

21 Lecture 18 Page 21 CS 236 Online Some S-BGP Constraints Can’t change BGP protocol –Or packet format Can’t have messages larger than max BGP size Must be deployable in reasonable way

22 Lecture 18 Page 22 CS 236 Online An S-BGP Example ABCDE FG 1.2.3.* A How can B know that A should advertise 1.2.3.*? A can provide a certificate proving ownership

23 Lecture 18 Page 23 CS 236 Online Securing BGP Updates ABCDE FG 1.2.3.* A wants to tell everyone how to get to 1.2.3.* What are these signatures actually attesting to? 1.2.3.* A B,A 1.2.3.* C,B,A 1.2.3.* D,C,B,A

24 Lecture 18 Page 24 CS 236 Online Who Needs To Prove What? A needs to prove (to B-E) that he owns the prefix B needs to prove (to C-E) that A wants the prefix path to go through B C needs to prove (to D-E) the same D needs to prove (to E) the same

25 Lecture 18 Page 25 CS 236 Online So What Does A Sign? A clearly must provide proof he owns the prefix He also must prove he originated the update And only A can prove that he intended the path to go through B So he has to sign for all of that

26 Lecture 18 Page 26 CS 236 Online Address Attestations in S-BGP These are used to prove ownership of IP prefix spaces IP prefix owner provides attestation that a particular AS can originate its BGP updates That AS includes attestation in updates

27 Lecture 18 Page 27 CS 236 Online Route Attestations To prove that path for a prefix should go through an AS The previous AS on the path makes this attestation –E.g., B attests that C is the next AS hop

28 Lecture 18 Page 28 CS 236 Online How Are These Signatures Done? Via public key cryptography Certificates issued by proper authorities –ICANN at the top –Hierarchical below ICANN Certificates not carried with updates –Otherwise, messages would be too big –Off-line delivery method proposed

29 Lecture 18 Page 29 CS 236 Online S-BGP and IPSec S-BGP generates the attestations itself But it uses IPSec to deliver the BGP messages Doing so prevents injections of replayed messages Also helps with some TCP-based attacks –E.g., SYN floods

30 Lecture 18 Page 30 CS 236 Online S-BGP Status Not getting traction in networking community Probably not going to be the ultimate solution IETF working group is looking at various protocols with similar approaches

31 Lecture 18 Page 31 CS 236 Online Other BGP Security Approaches Filter BGP updates from your neighbors –Don’t accept advertisements for prefixes they don’t own –Requires authoritative knowledge of who owns prefixes Use Resource PKI to distribute certificates on who owns what prefixes Sanity check routes Continuous monitoring of routing system

Download ppt "Lecture 18 Page 1 CS 236 Online Advanced Research Issues In Security: Securing Key Internet Technologies CS 236 On-Line MS Program Networks and Systems."

Similar presentations

Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.

Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.
Data Communications and Computer Networks Chapter 4 CS 3830 Lecture 22 Omar Meqdadi Department of Computer Science and Software Engineering University.

Data Communications and Computer Networks Chapter 4 CS 3830 Lecture 22 Omar Meqdadi Department of Computer Science and Software Engineering University.
Information-Centric Networks04c-1 Week 4 / Paper 3 A Survey of BGP Security Issues and Solutions –Kevin Butler, Toni Farley, Patrick McDaniel, and Jennifer.

Information-Centric Networks04c-1 Week 4 / Paper 3 A Survey of BGP Security Issues and Solutions –Kevin Butler, Toni Farley, Patrick McDaniel, and Jennifer.
Lecture 18 Page 1 CS 236 Online DNS Security The Domain Name Service (DNS) translates human-readable names to IP addresses –E.g., thesiger.cs.ucla.edu.

Lecture 18 Page 1 CS 236 Online DNS Security The Domain Name Service (DNS) translates human-readable names to IP addresses –E.g., thesiger.cs.ucla.edu.
SPV: Secure Path Vector Routing for Securing BGP Leonel Ocsa Sáchez School of Computer Science.

SPV: Secure Path Vector Routing for Securing BGP Leonel Ocsa Sáchez School of Computer Science.
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.

An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
Interdomain Routing Security COS 461: Computer Networks Michael Schapira.

Interdomain Routing Security COS 461: Computer Networks Michael Schapira.
Interdomain Routing Security Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays.

Interdomain Routing Security Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays.
Inter-domain Routing security Problems Solutions.

Inter-domain Routing security Problems Solutions.
1 ECE453 – Introduction to Computer Networks Lecture 10 – Network Layer (Routing II)

1 ECE453 – Introduction to Computer Networks Lecture 10 – Network Layer (Routing II)
Lecture 22 Page 1 Advanced Network Security Other Types of DDoS Attacks Advanced Network Security Peter Reiher August, 2014.

Lecture 22 Page 1 Advanced Network Security Other Types of DDoS Attacks Advanced Network Security Peter Reiher August, 2014.
Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.

Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.
Lecture 29 Page 1 Advanced Network Security Privacy in Networking Advanced Network Security Peter Reiher August, 2014.

Lecture 29 Page 1 Advanced Network Security Privacy in Networking Advanced Network Security Peter Reiher August, 2014.
Chapter 22 Network Layer: Delivery, Forwarding, and Routing

Chapter 22 Network Layer: Delivery, Forwarding, and Routing
Lecture 8 Page 1 Advanced Network Security Review of Networking Basics: Internet Architecture, Routing, and Naming Advanced Network Security Peter Reiher.

Lecture 8 Page 1 Advanced Network Security Review of Networking Basics: Internet Architecture, Routing, and Naming Advanced Network Security Peter Reiher.
Routing Information Protocol (RIP). Intra-and Interdomain Routing An internet is divided into autonomous systems. An autonomous system (AS) is a group.

Routing Information Protocol (RIP). Intra-and Interdomain Routing An internet is divided into autonomous systems. An autonomous system (AS) is a group.
1 Computer Communication & Networks Lecture 22 Network Layer: Delivery, Forwarding, Routing (contd.)

1 Computer Communication & Networks Lecture 22 Network Layer: Delivery, Forwarding, Routing (contd.)
Lecture 16 Page 1 Advanced Network Security Perimeter Defense in Networks: Virtual Private Networks Advanced Network Security Peter Reiher August, 2014.

Lecture 16 Page 1 Advanced Network Security Perimeter Defense in Networks: Virtual Private Networks Advanced Network Security Peter Reiher August, 2014.
Lecture 27 Page 1 Advanced Network Security Routing Security Advanced Network Security Peter Reiher August, 2014.

Lecture 27 Page 1 Advanced Network Security Routing Security Advanced Network Security Peter Reiher August, 2014.

Similar presentations

Ads by Google