Labmeeting - 20150512 - New Secure Routing Method & Applications Facing MitM attacks
-
Upload
syuan-wang -
Category
Engineering
-
view
100 -
download
1
Transcript of Labmeeting - 20150512 - New Secure Routing Method & Applications Facing MitM attacks
NTUST - Mobilizing Information Technology Lab
NEW SECURE ROUTING METHOD & APPLICATIONS FACING MITM ATTACKS
Next Generation Networks and Services (NGNS), 2014
Advisor: Jenq-Shiou LeuStudent: Bing-Syuan WangDate: 2015/05/12National Taiwan University of Science and Technology
NTUST - Mobilizing Information Technology Lab 2
Outline• Introduction• Graph theory in computer network• Algorithm for pathfinder• Choice of a secure combination of paths to use• Conclusion
NTUST - Mobilizing Information Technology Lab 3
Introduction• Majority of solutions proposed till now for security are located at User
Application Level (Anti-Virus, Intrusion detector…).
• Routing is the act of moving information across an Internetwork from a source to a destination.
• Packet sniffing allows individuals to capture data as it is transmitted over a network.
• MITM: Main-in-the-middle attack
NTUST - Mobilizing Information Technology Lab 4
Introduction• Using Graph Theory
• Choose from possible paths given by pathfinder algorithm, all combinations that meet a number of criteria such as safety, speed, buffer size, etc.
NTUST - Mobilizing Information Technology Lab 5
Graph theory in computer network• Where is the set of vertices and is the set of edges, formed by pairs of
vertices.
• In this condition every Graph could be represented as a simple Matrix called adjacency matrix.
• The adjacency matrix of is a Matrix where is the number of nodes in G, and represent the weight of each edge.
NTUST - Mobilizing Information Technology Lab 6
Graph theory in computer network• Go from n1 to n6 we have:
n1 → n2 → n3 → n6• And
n1 → n2 → n5 → n3 → n6
NTUST - Mobilizing Information Technology Lab 7
Algorithm for pathFinder• Source = n0
• Destination = n2
NTUST - Mobilizing Information Technology Lab 8
Algorithm for pathFinder• no impact is foreseen on Routers if the number of hops does not exceed 12
NTUST - Mobilizing Information Technology Lab 9
Choice of a secure combination of paths to use• Source n0 and Destination n8
NTUST - Mobilizing Information Technology Lab 10
Choice of a secure combination of paths to use• The best solution will be to have at minimum two paths (Pi & Pj) with same
weight (wi = wj) and also using different intermediate nodes
• OSPF: Open Shortest Path First
• two paths with the same smallest total weight = 4 n0 → n4 → n8 = 4 n0 → n1 → n2 → n5 → n8 = 4
NTUST - Mobilizing Information Technology Lab 11
Choice of a secure combination of paths to use• When such solution is not possible, then we can consider another option which is to
look for two paths that satisfies the condition
• Again from past example we can consider the solution: n0 → n1 → n2 → n5 → n8 = 4 n0 → n3 → n6 → n4 → n7 → n8 = 8
• With: m1= 2 (2 messages on P1, load of 67%) w1 = 4 m2= 1 (1 messages on P2, load of 33%) w2 = 8
NTUST - Mobilizing Information Technology Lab 12
Conclusion• Using Graph Theory, this paper developed a new way of routing that includes
indirectly the notion of security, a simulation was done to confirm that this new method will not have any major impact on the router performance
• This paper highlighted some conditions to be used in order to chose the most safer combination of paths.
• Finally, Optimization is still needed in order to be able to handle more nodes in one AREA, and also to add the possibility to show only most secure paths in one algorithm.