254542 Networks Management and Security
Lecture 4
Authentication Protocols
• A process of verifying that one's communication partner is not an imposter
• Authenticity does not mean authority
• Alice and Bob are called principals
• Authenticated based on:
– Shared secret key
– Trusted 3rd party = key distribution center (KDC)
Secret-key Authentication
• Assuming A and B already share K_AB
• Based on challenges and responses
• R_i = challenge from the ith challenger
• K_i = key of the ith owner
• K_S = session key
Authentication using a challenge-response protocol
1. Alice → Bob: A
2. Bob → Alice: R_B
3. Alice → Bob: K_AB(R_B)
4. Alice → Bob: R_A
5. Bob → Alice: K_AB(R_A)
After all the responses, A can determine K_S and send it to B in an encrypted form
Shortened authentication using challenge-response protocol
1. Alice → Bob: A, R_A
2. Bob → Alice: R_B, K_AB(R_A)
3. Alice → Bob: K_AB(R_B)
Is it secure?
Reflection Attack
First session:
1. Trudy → Bob: A, R_T
2. Bob → Trudy: R_B, K_AB(R_T)
Second session, opened by Trudy before answering the first:
3. Trudy → Bob: A, R_B
4. Bob → Trudy: R_B2, K_AB(R_B)
Back in the first session:
5. Trudy → Bob: K_AB(R_B)
3 Rules for Designing Authentication Protocols
• Prove the initiator’s identity before the responder has to
• Use different keys for the initiator and responder (i.e. K_AB and K'_AB)
• The initiator and responder should use different sets of challenges (e.g. even and odd numbers)
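The three rules applied to the shortened protocol, as an added example that is not part of the lecture: a simulated responder that, when hardened, proves itself under a separate key K'_AB and only accepts odd initiator challenges, and a self-check showing that the naive responder's answer from one session is accepted as the response in another while the hardened one rejects it. The keyed-MAC construction for K(R) and the key values are assumptions.

```python
import hmac
import hashlib
import secrets

K_AB = b"constructed-key-initiator"        # K_AB  (placeholder value)
K_AB_PRIME = b"constructed-key-responder"  # K'_AB (placeholder value)

def prove(key: bytes, r: int) -> bytes:
    """K(R) on the slides, modelled here as a keyed MAC over the challenge."""
    return hmac.new(key, r.to_bytes(8, "big"), hashlib.sha256).digest()

class Responder:
    """Bob in the shortened protocol. hardened=True applies rules 2 and 3:
    responder proofs use K'_AB, initiator challenges must be odd, R_B is even."""
    def __init__(self, hardened: bool):
        self.hardened = hardened
        self.pending = {}                      # session id -> outstanding R_B

    def message1(self, sid: int, r_a: int):
        """Receive 'A, R_A'; reply with 'R_B, K(R_A)'."""
        if self.hardened and r_a % 2 == 0:
            raise ValueError("rule 3: initiator challenges must be odd")
        r_b = secrets.randbits(62) * 2 if self.hardened else secrets.randbits(63)
        self.pending[sid] = r_b
        key = K_AB_PRIME if self.hardened else K_AB   # rule 2: responder key
        return r_b, prove(key, r_a)

    def message3(self, sid: int, response: bytes) -> bool:
        """Receive K_AB(R_B); accept only a proof of K_AB over our own R_B."""
        r_b = self.pending.pop(sid)
        return hmac.compare_digest(response, prove(K_AB, r_b))

def honest_run(bob: Responder) -> bool:
    """Alice, who knows K_AB, completes the protocol with an odd challenge."""
    r_b, _ = bob.message1(1, secrets.randbits(62) * 2 + 1)
    return bob.message3(1, prove(K_AB, r_b))

def reflection_check(bob: Responder) -> bool:
    """Self-test for the slide 6 weakness: can a party without K_AB get Bob
    to answer his own challenge in a second session? True means vulnerable."""
    r_b, _ = bob.message1(1, secrets.randbits(62) * 2 + 1)
    try:
        _, reflected = bob.message1(2, r_b)     # R_B offered as an initiator challenge
    except ValueError:
        return False                            # rule 3 rejects the even challenge
    return bob.message3(1, reflected)           # rule 2 makes this proof mismatch
```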
Authentication Based on KDC
• The previous protocol has a key management problem
• With a KDC, each user has a single shared key
• The simplest known protocol = wide mouth frog
1. Alice → KDC: A, K_A(B, K_S)
2. KDC → Bob: K_B(A, K_S)
What about a replay attack?
Solutions to the Replay Attack
• Timestamp
– Still vulnerable until the message becomes obsolete
• Nonce (one-time, unique message number)
– Each party has to remember nonces forever
– Or use a combination of nonce and timestamp
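The nonce-plus-timestamp combination from this slide, as an added example that is not part of the lecture: the timestamp bounds how long a message is acceptable, so the receiver only has to remember nonces for that window instead of forever. The window size and the message values are constructed.

```python
class ReplayFilter:
    """Replay protection combining a timestamp and a nonce (slide 9).
    The freshness window bounds how long a message stays acceptable, so
    nonces only need to be remembered for that window, not forever."""

    def __init__(self, window: float):
        self.window = window
        self.seen = {}               # nonce -> timestamp of the accepted message

    def _expire(self, now: float) -> None:
        """Forget nonces whose messages could no longer pass the freshness check."""
        for nonce, ts in list(self.seen.items()):
            if now - ts > self.window:
                del self.seen[nonce]

    def accept(self, nonce: bytes, ts: float, now: float) -> bool:
        """Return True if the message is fresh and its nonce has not been seen."""
        if abs(now - ts) > self.window:
            return False             # stale message (or a badly skewed clock)
        self._expire(now)
        if nonce in self.seen:
            return False             # replay within the freshness window
        self.seen[nonce] = ts
        return True

def demo() -> list:
    """Constructed sequence: a fresh message, its replay, a stale message,
    and a later message that reuses the nonce once the window has passed."""
    f = ReplayFilter(window=60)
    return [
        f.accept(b"n1", ts=100, now=100),   # fresh, new nonce        -> True
        f.accept(b"n1", ts=100, now=130),   # same message replayed   -> False
        f.accept(b"n2", ts=100, now=200),   # outside the window      -> False
        f.accept(b"n1", ts=250, now=250),   # nonce expired, fresh ts -> True
        len(f.seen),                        # only one nonce kept     -> 1
    ]
```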
Needham-Schroeder Authentication Protocol
1. Alice → KDC: R_A, A, B
2. KDC → Alice: K_A(R_A, B, K_S, K_B(A, K_S))
3. Alice → Bob: K_B(A, K_S), K_S(R_A2)
4. Bob → Alice: K_S(R_A2 - 1), R_B
5. Alice → Bob: K_S(R_B - 1)
R_A = nonce, K_B(A, K_S) = ticket
* Replay attack at message 3 with an old K_S
Otway-Rees Authentication Protocol
1. Alice → Bob: A, B, R, K_A(A, B, R, R_A)
2. Bob → KDC: A, K_A(A, B, R, R_A), B, K_B(A, B, R, R_B)
3. KDC → Bob: K_B(R_B, K_S), K_A(R_A, K_S)
4. Bob → Alice: K_A(R_A, K_S)
Authentication using Kerberos
• Developed by MIT, currently in version 5
• Widely used in the real world
• Assumes that all clocks are well synchronized
• Involves 3 servers
– Authentication Server (AS) verifies users during login
– Ticket-Granting Server (TGS) issues “proof of identity tickets”
– Bob the server performs the work requested by Alice
Servers’ duties
• AS
– Shares a secret key with every user
– Similar to a KDC
• TGS
– Issues tickets to verify the identity of the TGS ticket bearer
Kerberos Operation
1. Alice → AS: A
2. AS → Alice: K_A(K_S, K_TGS(A, K_S))
3. Alice → TGS: K_TGS(A, K_S), B, K_S(t)
4. TGS → Alice: K_S(B, K_AB), K_B(A, K_AB)
5. Alice → Bob: K_B(A, K_AB), K_AB(t)
6. Bob → Alice: K_AB(t+1)
• Alice is asked for her password after message 2 arrives
• A replay attack with message 3 doesn’t work
Kerberos in the Real World
• Still susceptible to password-guessing attacks
– Heighten security at the user end
• PKI (public-key infrastructure) is being added into Kerberos
– But still confined to initial requests to the TGS (why?)
Intrusion Detection Systems (IDS)
• Do not
– Block or prevent attacks
• Do
– Notify the systems when they are being hacked
• Host and Network IDS
– NIDS mostly looks at the network traffic
  • Detecting potential attacks
– Host IDS looks at host, OS, and application activities
  • Detecting attacks that already succeeded
IDS tools
• Auditing
• Detecting anomalous behaviors
• Pattern matching and detecting
• CERT (Computer Emergency Response Team) bulletin board – lists security problems that have been discovered and reported
Auditing
• Logfile monitors
– Host-based IDS scanning and analyzing logfiles
– Pattern searching
• Integrity monitors
– Watch key system structures (system files, registry keys, etc.) for change
– Establish a “known safe baseline” (pre-attack)
– Should be deployed on a clean system
Signature Matchers
• A stateful NIDS that detects attacks based on a database of known attack signatures
– Stateful means that it can track fragmented TCP packets (and reassemble them)
– Stateless deals with individual packets
• E.g. Snort (http://www.Snort.org), which is free and open source
Anomaly Detectors
• NIDS, which
– establishes a baseline of “normal” system behavior
– alerts when a deviation occurs
– is sometimes categorized into “traffic anomalies” and “protocol anomalies”
• Problem: network traffic is constantly changing, especially in large networks
– Hybrid approach: move toward a more host-based IDS
Interesting Profiles Worth Watching
• Login profile
– Login/location frequency, last login
– Session elapsed time, session output
– Password fails, location fails
• Command/program execution
– Execution frequency, program IO, program CPU
– Execution denied, program resource exhaustion
• File access activities
– Read/write/delete/create frequency
– Number of fails on read/write/delete/create
– Number of records read/written
– File resource exhaustion
Bayesian Analysis
• Applied to NIDS for diagnosis purposes
• NIDS problems
– Keeping signature databases up to date
– Coping with massive bandwidth (especially for a stateful NIDS)
– Capabilities limited in switched networks
– Vulnerable to attacks (e.g. DoS)
Sensitivity vs. Specificity
• TP = true positive (intrusion correctly detected)
• FP = false positive (false alarm)
• FN = false negative (intrusion missed)
• TN = true negative (integrity correctly detected)

                  Intrusion +   Intrusion -
IDS response +    TP            FP
IDS response -    FN            TN
Sensitivity
• Sensitivity = true positives / (true positives + false negatives)
• More sensitivity = less likelihood of missing actual intrusions
• For identifying attacks …
– that should never be missed
– on areas that are easy to fix
• Best for “screening” (FN is more critical)
• Should be implemented here
[Diagram: Internet, corporate firewall, web server, router, LAN]
Specificity
[Diagram: Internet, corporate firewall, web server, router, LAN]
• Specificity = true negatives / (true negatives + false positives)
• More specificity = less likelihood of producing false alarms
– Useful tools for the network administrator
• For identifying attacks …
– on areas in which automatic diagnosis is critical
• Best when…
– consequences of false-positive results are serious
• Should be implemented here
Accuracy
• Accuracy = percentage of all IDS results that are correct
• Encompasses both sensitivity and specificity
• E.g. a web server under constant attack that needs
– Screening for any slight anomaly
– Automatic processes to deal with any incident (due to high traffic volume)
• Can be achieved by combining layers of different IDSs
[Diagram: Internet, corporate firewall, web server, router, LAN]
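The three measures from slides 23 to 26 computed over constructed verdicts, as an added example that is not part of the lecture. It fills the TP/FP/FN/TN matrix, derives sensitivity, specificity and accuracy, and shows what layering a sensitivity-tuned "screener" with a specificity-tuned "diagnoser" does to each measure: requiring both to fire raises specificity, accepting either raises sensitivity. The event data and the two detectors' verdicts are constructed.

```python
def confusion(truth, alerts):
    """Fill the slide 23 matrix from parallel lists (1 = intrusion / alert)."""
    c = {"TP": 0, "FP": 0, "FN": 0, "TN": 0}
    for intrusion, alert in zip(truth, alerts):
        if intrusion:
            c["TP" if alert else "FN"] += 1
        else:
            c["FP" if alert else "TN"] += 1
    return c

def sensitivity(c): return c["TP"] / (c["TP"] + c["FN"])
def specificity(c): return c["TN"] / (c["TN"] + c["FP"])
def accuracy(c):    return (c["TP"] + c["TN"]) / sum(c.values())

# Constructed data: 10 events, the first 4 are real intrusions.
TRUTH     = [1, 1, 1, 1, 0, 0, 0, 0, 0, 0]
SCREENER  = [1, 1, 1, 0, 1, 1, 0, 0, 0, 0]   # tuned for sensitivity: 2 false alarms
DIAGNOSER = [1, 0, 1, 0, 0, 0, 0, 1, 0, 0]   # tuned for specificity: misses 2

def layered(a, b, mode: str):
    """Combine two IDS verdicts: 'serial' alerts only when both fire,
    'parallel' alerts when either fires."""
    if mode == "serial":
        return [x & y for x, y in zip(a, b)]
    if mode == "parallel":
        return [x | y for x, y in zip(a, b)]
    raise ValueError(mode)

def report(alerts) -> dict:
    """Sensitivity, specificity and accuracy of one verdict list against TRUTH."""
    c = confusion(TRUTH, alerts)
    return {"sensitivity": round(sensitivity(c), 3),
            "specificity": round(specificity(c), 3),
            "accuracy": round(accuracy(c), 3)}

if __name__ == "__main__":
    for name, verdicts in (("screener", SCREENER), ("diagnoser", DIAGNOSER),
                           ("serial", layered(SCREENER, DIAGNOSER, "serial")),
                           ("parallel", layered(SCREENER, DIAGNOSER, "parallel"))):
        print(f"{name:9s} {report(verdicts)}")
```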
Hacking IDSs: Fragmentation
• A.k.a. packet splitting
• Most common attack against NIDSs
• Splitting packets into smaller pieces
– Difficult to analyse
• Stateful IDSs can prevent this attack but
– Consume more resources and become less accurate as throughput increases
Hacking IDSs: Spoofing
• Spoofing TCP sequence numbers
• IDS becomes desynchronized from the host
– And then ignores the true data stream while waiting for a forged sequence number
• IDS must be aware of the real target host
Hacking IDSs: Protocol Mutation
• For example, a typical CGI-bin request is
GET /cgi-bin/script.cgi HTTP/1.0
• If the IDS scans for /cgi-bin/cgi_script
• The attacker can modify the request to
GET /cgi-bin/subdir/../script.cgi HTTP/1.0
(“directory traversal”)
• Solution:
– Normalize traffic to look more uniform
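The normalization step this slide recommends, as an added example that is not part of the lecture: a request-path canonicaliser run before signature matching, so that the slide's mutated request compares equal to the plain one. The signature string, the matcher and the request lines are constructed; the double-slash case goes slightly beyond the slide to show the same step handling another non-uniform spelling of the path.

```python
import posixpath
from urllib.parse import unquote

# Signature for the request on the slide (the path the IDS rule looks for).
SIGNATURE = "/cgi-bin/script.cgi"

def normalize_path(target: str) -> str:
    """Canonicalise a request target before matching: drop the query string,
    percent-decode, collapse '//' and '.', and resolve '..' components."""
    path = unquote(target.split("?", 1)[0])
    path = "/" + path.lstrip("/")            # exactly one leading slash
    return posixpath.normpath(path)          # '..' cannot climb above '/'

def request_target(line: str) -> str:
    """Extract the target from a request line such as 'GET /x HTTP/1.0'."""
    method, target, version = line.split()
    return target

def matches(line: str, normalize: bool) -> bool:
    """Naive matcher compares the raw target; the other canonicalises first."""
    target = request_target(line)
    if normalize:
        target = normalize_path(target)
    return target == SIGNATURE

# Constructed request lines: the slide's request, its mutated form, and a
# double-slash spelling that the same normalization also makes uniform.
REQUESTS = [
    "GET /cgi-bin/script.cgi HTTP/1.0",
    "GET /cgi-bin/subdir/../script.cgi HTTP/1.0",
    "GET /cgi-bin//script.cgi HTTP/1.0",
]

def compare() -> list:
    """(raw match, normalized match) for each constructed request."""
    return [(matches(r, False), matches(r, True)) for r in REQUESTS]
```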
Hacking IDSs: Attacking Integrity Checkers
• Integrity checkers
– Initialize mode: compute checksums and collect information
– Check mode: look for changes
– Update mode: update signatures after system reconfiguration
• Attacks
– Send wrong information
– Compromise the system between checks
– Hide tracks by “correcting” the system by itself
Future of IDSs
Problem → Solution
• Encrypted traffic (IPSec) → Embed IDS throughout the host stack
• Increased speed and complexity of attacks → Strict anomaly detection, optimized NIDS engines, intelligent pattern matching
• Increased amount of data to interpret → Visual display of data
• New evasion techniques → New traffic normalization techniques and deeper host awareness
• New kernel-based attacks → New kernel security mechanisms