Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy-Preserving Cross-Domain Network Reachability Quantification

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Privacy-Preserving Cross-Domain Network Reachability Quantification"— Presentation transcript:

1 Privacy-Preserving Cross-Domain Network Reachability Quantification
Fei Chen Computer Science and Engineering Michigan State University Joint work with Bezawada Bruhadeshwar and Alex X. Liu

2 Background Network reachability can be defined as
What packets can pass through a given network path Network reachability quantification is very important for Understanding end-to-end network behavior Detecting the violation of security policies Business Network 1 Home Network 2 Internet

3 Motivation (1/2) Many solutions have been proposed to quantify the network reachability The main assumption of these solutions All the reachability information from these network devices is known Collecting such information could be very difficult Due to the privacy and security concerns Subnet1 ISP Subnet2 Firewall Router Switches User1 S1 FW1 R1 FW2 FW3 FW4 S2 User2

4 Motivation (2/2) Subnet1 ISP Subnet2 Firewall Router Switches User1 S1 FW1 R1 FW2 FW3 FW4 S2 User2 Can we achieve the two following goals at the same time? Quantify the network reachability for a given path, and Preserve privacy of reachability information belong to different parties

5 Problem Statement Assumption
For each party, the reachability information is converted to an ACL Static reachability information Employ the network reachability approach [Khakpour et al., 2010] Let M(A) denote the set of packets that are accepted by ACL A We aim to design a privacy preserving protocol which Enables User1 to compute M(A1) ∩ M(A2) ∩ M(A3) No party can reveal the ACLs of other parties

6 Threat Model We consider semi-honest model
Each party must follow our protocol correctly Input its ACL to our protocol without cheating Follow the process of our protocol Each party may try to learn the ACL rules of other parties Analyze the intermediate messages when running the protocol

7 Related work Probing Network reachability quantificaiton
Current practice of verifying reachability Expensive to quantify network reachability Because it needs to generate and send significant amount of packets. Inaccurate E.g., it cannot probe the open ports with no server listening on them. Network reachability quantificaiton Estimate bounds of network reachability [Xie et al. 2005, Ingols et al. 2006, Matousek et al. 2008] Quantify the network reachability [Al-Shaer et al. 2009, Sung et al. 2009, Khakpour et al. 2010] Major assumption is not practical All reachability information is known No prior work studies privacy preserving reachability quantification

8 Basic building blocks (1/2)
Prefix membership verification P1 P2 [3, 7] 5 Prefix format Prefix family S([3,7])={011, 1**} T(5)={101, 10*,1**,***} Prefix numericalization Prefix numericalization N(S([3,7]))={0111, 1100} N(T(5))={1011,1010, 1100,1000} If N(S([3,7]))∩N(T(5)) ≠ , then 5[3, 7]

9 Basic building blocks (2/2)
Range intersection Suppose the domain of this field is [0, 7] P1 P2 [3, 7] [2, 5] Generate ranges Retrieve boundaries [0, 2] , [3, 7] 2, 5 Prefix format and numericalize Prefix family and numericalize N(S([0,2])) , N(S([3,7])) N(T(2)), N(T(5)) Because (1) N(S([0,2]))∩N(T(2)) ≠ , then 2[0, 2] (2) N(S([3,7]))∩N(T(5)) ≠ , then 5[3, 7] From 2[0, 2] and 5[3, 7], we have [3, 7] ∩ [2, 5] = [3, 5]

10 Privacy preserving range intersection
Employ commutative encryption For a number x, ((x)K1)K2 = ((x)K2)K1 For ease of presentation, let (x) K12 denote ((x)K1)K2 P1 (K1) P2 (K2) [3, 7] [2, 5] N(S([0,2])) , N(S([3,7])) N(T(2)), N(T(5)) (1) Encrypt by P1 (2) Encrypt by P2 (1) Encrypt by P2 (2) Encrypt by P1 N(S([0,2]))K12 , N(S([3,7])) K12 N(T(2)) K21 , N(T(5)) K21 If P1 does the comparison, it can conclude that [3,7] ∩ [2, 5] = [3, the original number of N(T(5)) K21]

11 Range intersection of multiple parties
P1 (K1) P2 (K2) P3 (K3) [4, 7] [3, 7] [2, 5] N(S([0,3])) N(S([4,7])) N(S([0,2])) N(S([3,7])) N(T(2)) N(T(5)) (1) Encrypt by P1 (2) Encrypt by P2 (3) Encrypt by P3 (1) Encrypt by P2 (2) Encrypt by P3 (1) Encrypt by P3 (2) Encrypt by P2 N(S([0,3]))K123 N(S([4,7])) K123 N(S([0,2]))K23 N(S([3,7])) K23 N(T(2)) K32 N(T(5)) K32 Comparison 3, N(T(5)) K32 Prepare for further comparison N(T(3)) K231 N(T(5)) K321 Comparison 4, N(T(5)) K321

12 Decryption of the comparison result
N(T(5)) K321 Decrypt by P3 N(T(5)) K21 Decrypt by P2 N(T(5)) K1 Decrypt by P1 N(T(5)) Decode 4 5 [4, 5] = [4, 7] ∩ [3, 7] ∩ [2, 5]

13 ACL preprocessing ACL consists of multi-dimensional overlapping rules
Convert it to non-overlapping rules with accept decision FDD construction [0, 4] [8, 15] F1 [0,15] F2 [0,4] [5,15] [5, 7] a d Extract non-overlapping rules with the accept decision

14 Experiment Setup We conducted experiments on both real and synthetic ACLs Each ACL examine five fields, Source and destination IPs, source and destination ports, protocol type The number of rules ranges from dozens to thousands For effectiveness, we verified the correctness For efficiency, we evaluate the computation and communication costs of the core operations Processing each ACL Comparing every two ACLs

15 Experimental Results (1/3)
For real ACLs with the average number of rules 806 Both offline and online Computation costs are less than 2 seconds Communication cost is less than 60 KB Comparison cost is less than 1 second Our approach is efficient for the conversion and comparison of two real ACLs Processing real ACLs

16 Experimental Results (2/3)
For synthetic ACLs with number of rules from 200 to 2000 One-time offline computation cost is less than 400 seconds The online computation cost is less than 5 seconds Communication cost is less than 450 KB Processing synthetic ACLs

17 Experimental Results (3/3)
For synthetic ACLs with number of rules from 200 to 2000 The comparison time of two synthetic firewalls is less than 4 seconds Comparing synthetic ACLs

18 Conclusion Investigate privacy preserving quantification of network reachability for the first time Propose an efficient and secure protocol to quantify the network reachability accurately Conduct experiments on both real and synthetic ACLs to demonstrate the effectiveness and efficiently of our protocol

19 Future work Dynamic routing information Topological variations
Dynamic routing table Topological variations Links go down New links get added Malicious model Some party cheats its ACL

20 Questions Thank you!

Download ppt "Privacy-Preserving Cross-Domain Network Reachability Quantification"

Similar presentations

1 Chapter 22 Network layer Delivery, Forwarding and Routing.

1 Chapter 22 Network layer Delivery, Forwarding and Routing.
RIP V2 W.lilakiatsakun.  RFC 2453 (obsoletes –RFC 1723 /1388)  Extension of RIP v1 (Classful routing protocol)  Classless routing protocol –VLSM is.

RIP V2 W.lilakiatsakun.  RFC 2453 (obsoletes –RFC 1723 /1388)  Extension of RIP v1 (Classful routing protocol)  Classless routing protocol –VLSM is.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Introduction to IPv4 Introduction to Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Introduction to IPv4 Introduction to Networks.
Cross-Domain Privacy-Preserving Collaborative Firewall Optimization Fei Chen Computer Science and Engineering Michigan State University Joint work with.

Cross-Domain Privacy-Preserving Collaborative Firewall Optimization Fei Chen Computer Science and Engineering Michigan State University Joint work with.
First Step Towards Automatic Correction of Firewall Policy Faults Fei Chen Alex X. Liu Computer Science and Engineering Michigan State University JeeHyun.

First Step Towards Automatic Correction of Firewall Policy Faults Fei Chen Alex X. Liu Computer Science and Engineering Michigan State University JeeHyun.
1 TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs Department of Computer Science and Information Engineering National.

1 TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs Department of Computer Science and Information Engineering National.
(4.4) Internet Protocols Layered approach to Internet Software 1.

(4.4) Internet Protocols Layered approach to Internet Software 1.
What’s the Problem Web Server 1 Web Server N Web system played an essential role in Proving and Retrieve information. Cause Overloaded Status and Longer.

What’s the Problem Web Server 1 Web Server N Web system played an essential role in Proving and Retrieve information. Cause Overloaded Status and Longer.
ClassBench: A Packet Classification Benchmark

ClassBench: A Packet Classification Benchmark
 Firewalls and Application Level Gateways (ALGs)  Usually configured to protect from at least two types of attack ▪ Control sites which local users.

 Firewalls and Application Level Gateways (ALGs)  Usually configured to protect from at least two types of attack ▪ Control sites which local users.
1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.

1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.
1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background – Detection of Invalid Routing Announcement in the Internet –Open Discussions Thursday.

1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background –" Detection of Invalid Routing Announcement in the Internet" –Open Discussions Thursday.
Firewall Policy Queries Author: Alex X. Liu, Mohamed G. Gouda Publisher: IEEE Transaction on Parallel and Distributed Systems 2009 Presenter: Chen-Yu Chang.

Firewall Policy Queries Author: Alex X. Liu, Mohamed G. Gouda Publisher: IEEE Transaction on Parallel and Distributed Systems 2009 Presenter: Chen-Yu Chang.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
SafeQ: Secure and Efficient Query Processing in Sensor Networks Fei Chen and Alex X. Liu Department of Computer Science and Engineering Michigan State.

SafeQ: Secure and Efficient Query Processing in Sensor Networks Fei Chen and Alex X. Liu Department of Computer Science and Engineering Michigan State.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
Privacy and Integrity Preserving in Distributed Systems Presented for Ph.D. Qualifying Examination Fei Chen Michigan State University August 25 th, 2009.

Privacy and Integrity Preserving in Distributed Systems Presented for Ph.D. Qualifying Examination Fei Chen Michigan State University August 25 th, 2009.
Security Issues on Distributed Systems 7 August, 1999 S 1 Prepared by : Lorrien K. Y. Lau Student I.D. : 97077200 7 August 1999 The Chinese University.

Security Issues on Distributed Systems 7 August, 1999 S 1 Prepared by : Lorrien K. Y. Lau Student I.D. : August 1999 The Chinese University.
© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—5-1 Implementing Path Control Lab 5-1 Debrief.

© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—5-1 Implementing Path Control Lab 5-1 Debrief.
1 Version 3.0 Module 10 Routing Fundamentals and Subnetting.

1 Version 3.0 Module 10 Routing Fundamentals and Subnetting.

Similar presentations

Ads by Google