Internet Infrastructure Security: A Taxonomy - PowerPoint PPT Presentation

1 / 22
About This Presentation
Title:

Internet Infrastructure Security: A Taxonomy

Description:

Title: PowerPoint Presentation Last modified by: Earvin Created Date: 1/1/1601 12:00:00 AM Document presentation format: Other titles – PowerPoint PPT presentation

Number of Views:90
Avg rating:3.0/5.0
Slides: 23
Provided by: dslabCsi6
Category:

less

Transcript and Presenter's Notes

Title: Internet Infrastructure Security: A Taxonomy


1
Internet Infrastructure Security A Taxonomy
  • Anirban Chakrabarti
  • G. Manimaran
  • (Iowa State University)
  • Network, IEEE , Volume 16 Issue 6 ,
  • Nov.-Dec. 2002 Page(s) 13 -21

2
Outline
  • Introduction
  • Taxonomy of Internet Infrastructure Attacks
  • DNS Hacking Attacks
  • Routing Table Poisoning Attacks
  • Packet Mistreatment Attacks
  • Denial of Service Attacks
  • Conclusions and Future Work

3
Introduction
  • The objectives of this article are to
  • Categorize possible Internet infrastructure
    attacks
  • Identify the attacks within each category
  • Identify existing solutions that deal with the
    attacks
  • Present guidelines for important and less
    researched areas

4
An example of a router attack and its consequences
5
Taxonomy of Internet Infrastructure Attacks
6
DNS Hacking Attacks
  • The Impact of Hacking
  • Denial of Service
  • Send back negative responses indicating that the
    DNS name does not exist.
  • Redirect the clients request to a server that
    does not contain the service the client is
    requesting.
  • Masquerading
  • Information Leakage
  • Domain Hijacking

7
DNS Hacking Attacks(cont.)
  • Types of Hacking
  • Cache Poisoning
  • Server Compromising
  • Spoofing
  • In order to address DNS attacks, the IETF added
    security extensions to DNS, collectively known as
    DNSSEC (RFC2535).

8
Outline of DNSSEC
  • DNSSEC provides authentication and integrity to
    the DNS updates.
  • The authentications are provided through the use
    of digital signature technology.
  • To make the DNSSEC proposals viable, secure
    server and secure client environments must be
    created.
  • DNSSEC is unable to provide security against
    information leakage since it is mainly concerned
    with authentication.

9
Routing Table Poisoning Attacks
  • The Impact of Poisoning
  • Suboptimal Routing
  • Congestion
  • Partition
  • Overwhelmed Host
  • Looping
  • Access to Data

10
Routing Table Poisoning Attacks(cont.)
  • Types of Poisoning
  • Link Attacks
  • Interruption
  • Modification/Fabrication
  • Replication
  • Router Attacks
  • Link State Router Attacks
  • Distance Vector Router Attacks

11
Solutions for Link Attacks
  • Interruption Most routing protocols employ
    robust updates between neighbors , by using
    acknowledgements.
  • Modification/Fabrication Digital signatures are
    used for the integrity and authenticity of
    messages.
  • Replication Sequence information is used to
    prevent this attack.

12
Link State Router Attacks
  • A router attack can be proactive or inactive in
    nature.

13
Solutions for Link State Router Attacks
  • The solutions proposed for router attacks in link
    state protocols can be categorized into two types
  • intrusion detection
  • JiNaO
  • protocol-driven
  • Secure Link State Protocol (SLIP)

14
Distance Vector Router Attacks
  • If a malicious router creates a wrong distance
    vector and sends it to all its neighbors, the
    neighbors accept the update since there is no way
    to validate it.
  • Since the router itself is malicious, standard
    techniques like digital signatures do not work.
  • Inconsistency Detection
  • Consistency Check algorithm

15
Consistency Check algorithm
16
Packet Mistreatment Attacks
  • Packet mistreating attacks have limited
    effectiveness compared to the routing table
    poisoning and DoS attacks
  • The Impact of Mistreatment
  • Congestion
  • Lowering Throughput
  • Denial-of-Service
  • Types of Mistreatment
  • Link Attacks
  • Router Attacks

17
Link Attacks
  • Interruption
  • WATCHERS (principle of conservation)
  • packet dropping profiles and intrusion detection
  • Modification/Fabrication
  • IPSec
  • Replication
  • IPSec (anti-replay window protocol)

18
Router Attacks
  • Malicious routers can cause all the link attacks.
  • Malicious misrouting of packets may result in
    congestion, or can even be used as a DoS attack.
  • Packets sent and received by the same interface
    of a router are discarded.
  • However, a malicious router can create triangle
    routing or looping, which remains an open problem

19
Denial-of-Service Attacks
  • DoS attacks can be categorized into two main
    types ordinary and distributed.
  • Types of Attacks
  • UDP Flood
  • TCP/SYN Flood
  • ICMP/Smurf

20
Denial-of-Service Attacks(cont.)
  • Types of Solutions
  • Preventiive
  • Filtering
  • Reactive
  • Link Testing
  • Logging
  • ICMP Traceback
  • IP Traceback

21
Conclusions and Future Work
  • Scalability and deployment issues in DNSSEC.
  • Robust routing protocols to prevent routing table
    poisoning attacks.
  • No work has been carried out to solve the packet
    mistreatment attacks when a router is responsible
    for triangle routing.
  • Detection, location, and recovery from DDoS
    attacks.

22
Summary
Write a Comment
User Comments (0)
About PowerShow.com