WK 01-02: COMP4337/9337 Securing Fixed and Wireless Networks
Professor Sanjay K. Jha
Topic: Network Architectures and Security
School of Computer Science and Engineering, UNSW
Copyright By PowCoder代写 加微信 powcoder
Today’s Agenda
• SecurityinWirelessNetwork
• SecurityinIPprotocolstack
• Reviewofwiredandwirelessnetworksandsecurity concerns
Course Coverage
• Introduction
• Internet Architecture
• Network Protocols and Vulnerabilities
• Application Layer Security
• Transport Layer Security
• Network Layer Security
• Link Layer Security
• Wireless LAN Security
• Network Defence Tools
• Advanced Network Security topics
NOTE: We may not take exactly the layered approach to accommodate for labs/assignments during a term
Network Security 2
Introduction
• Internet connectivity is essential but is vulnerable to threats
• Our heavy reliance on networking technology, that provides unprecedented access to a whole range of applications and services anytime, anywhere, makes it an attractive target for malicious users
• Malicioususersattempttocompromisethesecurityof our communications and/or cause disruption to services
• Certain original protocols are either designed without bearing security in mind, or with poor security design decisions
• Notmerelyofhistoricalinterest:contemporarydesigns are often constrained by their predecessors for pragmatic reasons
Network Security 3
Introduction We explore
• Thechallengesinsecuringanetworksunderavarietyof attacks
• Widelyusedsecurityprotocols
• Emergingsecuritychallengesandsolutions
A basic understanding of networking protocol stack and TCP/IP suite is assumed from 3331/9331 or equivalent
Network Security 4
Internet Architecture
§ A complex system such as distributed applications running over a range of networking technologies is best understood when viewed as layered architecture
§ We will revise the 7-layer ISO OSI protocol stack and the interaction between various layers
• TCP/IPprotocolstackusesonlyfivelayersfromOSImodel i.e., layers 1- 4 and 7
• PresentationandSessionlayersareoptionalandtheir functionality can be offloaded to the application layer
§ The model also allows us to understand the security issues on each layer and the interplay between them.
Network Security 5
Security Analysis of Layered Protocol Architectures
Endsystem (Initiator)
Endsystem (Responder)
At which interface does the attack take place?
7– layer Protocol Stack
Communication Network
Application Layer Presentation Layer Session Layer Transport Layer
L7. Application
L6. Presentation
L5. Session
L4. Transport
L3. Network
L2. Datalink
L1. Physical
L3. Network
L2. Datalink
L1. Physical
L3. Network
L2. Datalink
L1. Physical
L7. Application
L6. Presentation
L5. Session
L4. Transport
L3. Network
L2. Datalink
L1. Physical
Net. Layer D/L Layer Phy. Layer
Physical path traversed by data
Logical path traversed by data
Net. Layer D/L Layer Phy. Layer
Network Devices
Network Vulnerabilities
§ Security research literature use Dolev-Yao (DY) adversarial formal model for formal analysis of security protocols
• DYmodeldescribestheworstpossibleadversarythathas complete control over the entire network allowing it to read any message, prevent delivery of any message, duplicate any message or otherwise synthesize any message for which the adversary has the relevant cryptographic keys (if any).
• Realadversariesmayhavelimitedcapabilities
Network Security Attacks
§ Network security characters Alice, Bob, Eve and Mallory back again
§ Alice and Bob want to exchange messages securely while Eve (an eavesdropper) and Mallory (a malicious attacker) are waiting to compromise their communications
• InrealworldAliceandBob-> Webserversandclients,two email clients, DNS servers etc.
§ Eve can capture (eavesdrop) the traffic and extract confidential information such as passwords, credit card details etc. , while Mallory can launch a man in the middle (MiTM) attack by placing itself between Alice and Bob
• RealworldEveandMallory->compromised gateways/routers/access-points, or malware
Network Security 8
Network Security Attacks
§ Denial of Service (DoS) : attacker sends an avalanche of bogus packets to a server to keep the server constantly busy or clog up the access link
§ Distributed DoS (DDoS): attack a large number of compromised devices (bots)
• Mirai is an example of DDoS in 2016, compromised Linux- based IP cameras, utility meters, home routers and others
• Donebyexploitingweakauthenticationconfigurations including use of default passwords
§ In IP spoofing attacks: impersonate as an authorised user by crafting a packet with forged IP address and adjusting certain other fields to make it look legitimate
Network Security 9
Desirable properties of secure communication
• confidentiality: only sender, intended receiver should “understand” message contents
• authentication: sender, receiver want to confirm identity of each other
• message integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection
• non-repudiation: no one (including the sender) can deny that message was sent by the sender
• access and availability: services must be accessible and available to users
Network Security 10
Emerging Network Trend
Integration of heterogeneous fixed and mobile networks with varying transmission characteristics
vertical handover
metropolitan area
campus-based
horizontal handover
Security Aspects of Wireless Networks
• Wirelessnetworksfacesallthreatsthatdoesitswired counterpart:
– Masquerade, eavesdropping, authorization violation, loss or modification of transmitted information, repudiation of communication acts, forgery of information, sabotage
– Thus, similar measures like in fixed networks have to be taken
• Weneedtolearnfixednetworktechniquestobeabletoprotect wireless networks .
What is different?
• WirelessNetworkismoreaccessibleforeavesdropping
• Thelackofaphysicalconnectionmakesiteasierto access services
• Authenticationhastobere-establishedwhenthe mobile device moves
• Keymanagementgetsharderaspeeridentitiescannot be pre-determined
• Thelocationofadevice/userbecomesamore important information that is worthwhile to eavesdrop on and thus to protect
What is different ? (contd)
• Injectingbogusmessagesintothenetworkiseasy
• Replayingpreviouslyrecordedmessagesiseasy
• Illegitimateaccesstothenetworkanditsservicesiseasy • Denialofserviceiseasilyachievedbyjamming
Review of Network Architecture and Associated Security Challenges
Internet architecture
mobile network
home network
institutional network
regional ISP
global ISP
déjà vu; 3331/9331
Introduction 1-18
Cellular network architecture
radio network controller
Gateway MSC
Serving GPRS Support Node (SGSN)
Gateway GPRS Support Node (GGSN)
Public telephone network
Public Internet
Base transceiver station (BTS)
Base station controller (BSC) Mobile Switching Center (MSC)
Mobile subscribers
Cellular Network Security
• 2G had weak security
– Possibleattacksfromafakedbasestation
– Cipherkeysandauthenticationdatatransmittedinclearbetweenand within networks
– Encryptionnotusedinsomenetworksèopentofraud
– Dataintegritynotprovided
• Some improvement with respect to 2nd generation – Cryptographicalgorithmsarepublished
– Integrityofthesignallingmessagesisprotected
• Cellular Security not a focus but may explore a bit more
WiFi – WLAN
v wireless host communicates with base station
§ base station = access point (AP)
v Basic Service Set (BSS) (aka
“cell”) in infrastructure
mode contains:
§ wireless hosts
§ access point (AP): base station
§ ad hoc mode: hosts only
hub, switch or router
Security in WLAN
• SomebasicissuescoveredinCOMP3331/9331
• Wewilltreatthistopicindetailinlaterweek
– WEP, Why failed, what lesson did we learn
– 802.11i, Temporal Key Integrity Protocol (TKIP)…..
Wireless Mesh Networks: Extended WLAN coverage
Src: www.meshdynamics.com Src: www.meshdynamics.com
(AP = access point)
Ethernet Ethernet Ethernet
Wireless mesh network (WMN):
Features: Mesh routers; Multi-hop routing
City-wide WiFi
Concept of Backhaul (or backbone)
Source: M. Sichitiu
WMN Security
• Severalverificationsneedtobeperformed:
– WAP(connectedtointernet)hastoauthenticatetheuserterminal.
– Eachuserhasalsotoauthenticatethenexthopmeshrouter
– Eachmeshrouterhastoauthenticatetheothermeshroutersinthe
– Thedatasentorreceivedbyuserhastobeprotected(e.g.,toensure data integrity, non-repudiation and/or confidentiality).
– Denialofserviceattackpossible
• Performingtheseverificationshastobeefficientand
lightweight, especially for the user terminal.
Wireless Sensor Networks
• Large number of sensor nodes, a few base stations
• Sensors are usually battery powered:
– Main design criteria: reduce the energy consumption
• Multi-hop communication reduces energy consumption:
Sensor Network Security
• Resource constraint
– Limited CPU processing power
– Limited Battery – attacker can deplete – Need lightweight crypto protocols
• Physical Security
– Capture, Cloning, and Tampering easy
• Wireless Programming on Devices possible – Additional security risk
Vehicular Ad hoc NETwork (VANET)
Roadside base station
Emergency event
Inter-vehicle communications
Communication: typically over the Dedicated Short Range Communications (DSRC) (5.9 GHz)
IEEE 802.11p: applications such as toll collection, vehicle safety services, and commerce transactions via cars
Vehicle-to-roadside communications
Vehicular communications: why?
Combat the awful side-effects of road traffic
– IntheEU,around40’000peopledieyearlyontheroads;more than 1.5 millions are injured
– Trafficjamsgenerateatremendouswasteoftimeandoffuel Most of these problems can be solved by providing appropriate
information to the driver or to the vehicle 30/58
Why Security important?
• BogusTrafficInformation
• Disruptionofroadnetwork/trafficmovement
• Cheatingwithidentity,speed,location
• Location/privacyissues
• Securityrequirements:
– Senderauthentication,Verificationofdataconsistency,Availability, Non-repudiation, Privacy, Real-time constraints
802.15: Personal Area Network
• less than 10 m diameter
• replacement for cables (mouse,
keyboard, headphones)
• ad hoc: no infrastructure
• master/slaves:
– slavesrequestpermissiontosend
(to master) S
– mastergrantsrequests
radius of coverage
• 802.15: evolved from Bluetooth specification
– 2.4-2.5GHzradioband – upto721kbps
M Master device
S Slavedevice
P Parkeddevice(inactive)
PAN Security
• Short-range communications, master-slave principle
• Eavesdropping is difficult:
– Frequency hopping
– Communication is over a few meters only
• Security issues:
– Authentication of the devices to each other – Confidential channel
oBased on secret link key
IoT Devices and Security
The market for IoT device projected to grow to more than 27 Billion devices by 2025.
Security is critical because these devices generate medical data, and challenging given that they have low power and computation capabilities.
1. Apple iPhone SensorStrip
2. Nike + iPod Sports Kit
3. Nokia Sports Tracker
4. Toumaz Life Pebble
References
• Chapter8, Kurose Ross, Computer Networking: A Top-Down Approach, for
wireless network architecture overview
• Chapter 1 and 2, L. Buttyan and J. P. Hubaux, Security and Cooperation in Wireless Networks (note: the book leans towards game theory, restrict your reading to security. Cellular security is covered in detail – the book is reasonably old – missing 4G networks)
• Günter Schäfer, Security in Fixed and Wireless Networks, Wiley
• Acknowledgement: foils are adapted from Buttyan, Kurose-Ross, Schafer primarily. Special thanks to Prof Schafer for sharing foils.
程序代写 CS代考 加微信: powcoder QQ: 1823890830 Email: powcoder@163.com