Presentation is loading. Please wait.

Presentation is loading. Please wait.

Towards a More Functional and Secure Network Infrastructure Dan Adkins, Karthik Lakshminarayanan, Adrian Perrig (CMU), and Ion Stoica.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Towards a More Functional and Secure Network Infrastructure Dan Adkins, Karthik Lakshminarayanan, Adrian Perrig (CMU), and Ion Stoica."— Presentation transcript:

1 Towards a More Functional and Secure Network Infrastructure Dan Adkins, Karthik Lakshminarayanan, Adrian Perrig (CMU), and Ion Stoica

2 Motivation The Internet is vulnerable to Denial of Service (DoS) attacks (packet floods). The Internet only does point-to-point communication well. –Other applications are difficult to deploy. In general, there is a tradeoff between adding functionality and achieving security.

3 DoS Assumptions Attacker power –Can flood using multiple clients –Can’t take out network –Can’t compromise I3 nodes DoS is “solved” when… –The victim’s link is no longer saturated

4 Traditional Solutions IP-level filtering –Must identify a pattern –Need help from your ISP –Slow response time –… but effective SYN rate limiting –Limits legitimate connections

5 The Woes of IP You only have one address Subnets are small enough to scan Any security can be subverted by denial of service on an IP address/subnet IP addresses can be spoofed

6 Functionality vs. Security Claim: More functionality = less security –Complexity leads to bugs and holes –More flexibility gives attackers more options Not necessarily! –More options = more defenses –No need to trade functionality for security

7 Three Principles Hide IP addresses –Must use overlay End-hosts have ability to defend against attacks (in the network) Don’t create additional vulnerabilities

8 I3 Solves This Problem Hide IP addresses by using I3 ID’s instead –All or nothing End-hosts can defend against DoS attacks I3 creates additional vulnerabilities –We can fix them.

9 DoS Solution? Can’t prevent, but can dilute Drop a fraction of incoming traffic in the network Random dropping reduces load… But also drops legitimate requests Real clients will retry

10 Diluting a DoS Attack Attacker floods victim via public triggers. x4x4 V x3x3 V x2x2 V x1x1 V Attacker (A) Victim dilutes attack by dropping two of its four public triggers. x4x4 V x3x3 V Victim (V)

11 Slowing Down a DoS Attack Server (S) Client (C) tS x A DoS-Filter (A) 1 id C 2 3

12 Multicast Access Control IP multicast address known to all receivers Mischievous subscribers can send to entire group I3 has efficient non-cryptographic solution

13 Multicast Access Control (2) id G id 1 id R3 S1 id 1 R1 R2 R3 id s 2 id G id s 1 id G S2 Senders id 1 id R2 id 1 id R 1 R1 id R2 R2 id R3 R3

14 Security Problems in I3 Eavesdropping Sender Receiver (R) idR send(id,data) send(R, data) Attacker (A) idE Dead-end id 4 Attacker id 2 id 1 id 3 id 2 id 3 Victim (V) Confluence id 3 V Attacker id 2 id 1 id 3 Attacker send(id,data) Loop id 4 id 1 id 2 id 3 id 1 id 4 id 3 id 2

15 Secure-I3 Overview Constrained triggers –Only allow trigger (x,y) if y.key=H(x) or x.key = H(y) –Solves eavesdropping, loop, confluence Pushback –Crucial to DoS solution Trigger challenges –Cannot insert triggers -> to other end-hosts

16 Conclusion There is hope for security –Our solution gives servers more defenses than they would have under IP –IP-level filtering is still useful, but slower More functionality and more security

17 Open Questions Formal model of DoS –Beats intuition and assumptions What if I3 servers are compromised?

18 The End

19 Trigger Constraints prefixkeysuffix 6412864 must match xy y.key = h r (x) xy x.key = h l (y) xy x.key = h l (y.key) end-host address (a)(b) (c)(d)

20 If you really want security… If you have determined (and well- funded) enemies… –Learn to make friends! If you have a critical server… –Don’t place it on a public, open network! If you must be online… –Pay for excess capacity!

Download ppt "Towards a More Functional and Secure Network Infrastructure Dan Adkins, Karthik Lakshminarayanan, Adrian Perrig (CMU), and Ion Stoica."

Similar presentations

Internet Indirection Infrastructure (i3 ) Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Surana UC Berkeley SIGCOMM 2002 Presented by:

Internet Indirection Infrastructure (i3 ) Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Surana UC Berkeley SIGCOMM 2002 Presented by:
Leveraging Good Intentions to Reduce Unwanted Network Traffic Marianne Shaw (U. Washington) USENIX 2nd Workshop on Steps to Reducing Unwanted Traffic on.

Leveraging Good Intentions to Reduce Unwanted Network Traffic Marianne Shaw (U. Washington) USENIX 2nd Workshop on Steps to Reducing Unwanted Traffic on.
Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.

Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.
Internet Indirection Infrastructure Presented in 294-4 by Jayanthkumar Kannan On 09/17/03.

Internet Indirection Infrastructure Presented in by Jayanthkumar Kannan On 09/17/03.
IP Spoofing Defense On the State of IP Spoofing Defense TOBY EHRENKRANZ and JUN LI University of Oregon 1 IP Spoofing Defense.

IP Spoofing Defense On the State of IP Spoofing Defense TOBY EHRENKRANZ and JUN LI University of Oregon 1 IP Spoofing Defense.
Overview of Distributed Denial of Service (DDoS) Wei Zhou.

Overview of Distributed Denial of Service (DDoS) Wei Zhou.
1/32 Internet Architecture Lukas Banach Tutors: Holger Karl Christian Dannewitz Monday 26.09.2005 C. Today I³SI³HIPHI³.

1/32 Internet Architecture Lukas Banach Tutors: Holger Karl Christian Dannewitz Monday C. Today I³SI³HIPHI³.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,

Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,
I3 Status Ion Stoica UC Berkeley Jan 13, 2003. The Problem Indirection: a key technique in implementing many network services,

I3 Status Ion Stoica UC Berkeley Jan 13, The Problem Indirection: a key technique in implementing many network services,
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
Internet Indirection Infrastructure Ion Stoica and many others… UC Berkeley.

Internet Indirection Infrastructure Ion Stoica and many others… UC Berkeley.
10/31/2007cs6221 Internet Indirection Infrastructure ( i3 ) Paper By Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Sharma Sonesh Sharma.

10/31/2007cs6221 Internet Indirection Infrastructure ( i3 ) Paper By Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Sharma Sonesh Sharma.
2005 Stanford Computer Systems Lab Flow Cookies Bandwidth Amplification as Flooding Defense Martin Casado, Pei Cao Niels Provos.

2005 Stanford Computer Systems Lab Flow Cookies Bandwidth Amplification as Flooding Defense Martin Casado, Pei Cao Niels Provos.
Criticisms of I3 Jack Lange. General Issues ► Design ► Performance ► Practicality.

Criticisms of I3 Jack Lange. General Issues ► Design ► Performance ► Practicality.
Criticisms of I3 Zhichun Li. General Issues Functionality Security Performance Practicality If not significant better than existing schemes, why bother?

Criticisms of I3 Zhichun Li. General Issues Functionality Security Performance Practicality If not significant better than existing schemes, why bother?
CS 268: Lecture 5 (Project Suggestions) Ion Stoica February 6, 2002.

CS 268: Lecture 5 (Project Suggestions) Ion Stoica February 6, 2002.
Internet Indirection Infrastructure Ion Stoica UC Berkeley.

Internet Indirection Infrastructure Ion Stoica UC Berkeley.
Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.

Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.
DFence: Transparent Network-based Denial of Service Mitigation CSC7221 Advanced Topics in Internet Technology Presented by To Siu Sang Eric (07016080)

DFence: Transparent Network-based Denial of Service Mitigation CSC7221 Advanced Topics in Internet Technology Presented by To Siu Sang Eric ( )

Similar presentations

Ads by Google