CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Practically Useful Network Security Chin-Tser Huang [email protected] University of South Carolina.
-
Upload
wesley-hall -
Category
Documents
-
view
214 -
download
0
Transcript of Practically Useful Network Security Chin-Tser Huang [email protected] University of South Carolina.
![Page 2: Practically Useful Network Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina.](https://reader036.fdocuments.us/reader036/viewer/2022062720/56649f055503460f94c19a92/html5/thumbnails/2.jpg)
1/8/2010 2
Security Services Confidentiality Integrity Authentication Anti-replay
…
Availability Access control Non-repudiation Anonymity
![Page 3: Practically Useful Network Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina.](https://reader036.fdocuments.us/reader036/viewer/2022062720/56649f055503460f94c19a92/html5/thumbnails/3.jpg)
1/8/2010 3
Network Security Always Good?
What if security mechanism is not applied correctly?
![Page 4: Practically Useful Network Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina.](https://reader036.fdocuments.us/reader036/viewer/2022062720/56649f055503460f94c19a92/html5/thumbnails/4.jpg)
1/8/2010 4
Network Security Always Good?
What if security mechanism is not applied appropriately?
x y
AESk3(3DESk1,k2(m, ts))
AESk3(3DESk1,k2(m, ts))
AESk3(3DESk1,k2(m, ts))
3DESk1,k2(m, ts)m, ts
![Page 5: Practically Useful Network Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina.](https://reader036.fdocuments.us/reader036/viewer/2022062720/56649f055503460f94c19a92/html5/thumbnails/5.jpg)
1/8/2010 5
Practically Useful Network Security
To make network security practically useful, we need to Verify the correctness of security
mechanism Consider the efficiency of security
mechanism
![Page 6: Practically Useful Network Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina.](https://reader036.fdocuments.us/reader036/viewer/2022062720/56649f055503460f94c19a92/html5/thumbnails/6.jpg)
1/8/2010 6
Protocol Design and Verification
Correctness is essential for secure protocols
Two steps to verify correctness of protocols First specify protocols using a formal
and scalable notation Then verify correctness of protocol
using state transition diagram
![Page 7: Practically Useful Network Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina.](https://reader036.fdocuments.us/reader036/viewer/2022062720/56649f055503460f94c19a92/html5/thumbnails/7.jpg)
1/8/2010 7
Abstract Protocol Notation
![Page 8: Practically Useful Network Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina.](https://reader036.fdocuments.us/reader036/viewer/2022062720/56649f055503460f94c19a92/html5/thumbnails/8.jpg)
1/8/2010 8
State Transition Diagram
![Page 9: Practically Useful Network Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina.](https://reader036.fdocuments.us/reader036/viewer/2022062720/56649f055503460f94c19a92/html5/thumbnails/9.jpg)
1/8/2010 9
Botnet Detection and Mitigation Supported by NSF and AFRL Ongoing collaboration with Dr. Han at AFRL Botnet is a distributed network of a large
number of bots, which are machines infected with malware and under the control of a botmaster
![Page 10: Practically Useful Network Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina.](https://reader036.fdocuments.us/reader036/viewer/2022062720/56649f055503460f94c19a92/html5/thumbnails/10.jpg)
1/8/2010 10
Botnet Detection and Mitigation Aim to mitigate the problem of botnets by
filtering their malicious packets and command and control (C&C) packets early
Successful implementation on Quagga routing software
Currently developing Tcl/Tk scripts for automated rule dissemination between routers
With Prasanth Kalakota, Mohamed Sharaf and Dr. Matthews
![Page 11: Practically Useful Network Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina.](https://reader036.fdocuments.us/reader036/viewer/2022062720/56649f055503460f94c19a92/html5/thumbnails/11.jpg)
1/8/2010 11
Early Filtering Testbed Four Cisco 2811 routers Dell PowerEdge R410 server
![Page 12: Practically Useful Network Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina.](https://reader036.fdocuments.us/reader036/viewer/2022062720/56649f055503460f94c19a92/html5/thumbnails/12.jpg)
1/8/2010 12
Intrusion Detection Supported by a DARPA/AFRL grant Microscope
View network as a collection of individual hosts Charge individual host for anomalous behavior With Jeff Janies
0
0.5
1
1.5
2
2.5
3
A B C D
TCP
UDP
malicious
A
B C
D
![Page 13: Practically Useful Network Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina.](https://reader036.fdocuments.us/reader036/viewer/2022062720/56649f055503460f94c19a92/html5/thumbnails/13.jpg)
1/8/2010 13
Intrusion Detection Macroscope
View network traffic as time-series signal Use wavelets to capture different types of anomalies With Sachin Thareja
![Page 14: Practically Useful Network Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina.](https://reader036.fdocuments.us/reader036/viewer/2022062720/56649f055503460f94c19a92/html5/thumbnails/14.jpg)
1/8/2010 14
Authentication in Wireless Networks
Design secure unicasting protocol to counter routing level attacks in ad hoc sensor networks
Develop dual authentication protocol against rogue access points for 802.11 WLANs
Discover and fix security problems in 802.16 WiMAX PKM protocols
With Jeff Janies, Sen Xu, and Prof. Matthews
K5({auth5}.K3({auth3}.K2({auth2}.ID2.MSG)))
K3({auth3}. K2({auth2}.ID2.MSG))
K2({auth2}.ID2.MSG)
![Page 15: Practically Useful Network Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina.](https://reader036.fdocuments.us/reader036/viewer/2022062720/56649f055503460f94c19a92/html5/thumbnails/15.jpg)
Privacy-Preserving Multi-Dimensional Credentialing
Organizations often use common personal identifiers (PIs) to satisfy reporting obligations and uniquely identify the same individuals, thereby making it possible to cross-link and aggregate the transactions of the same person from multiple sources
Introduce the veiled certificate (VC) which allows individuals to maintain control over their personal information while satisfying the regulatory and reporting needs of today’s security conscious environment
With Prof. Gerdes
1/8/2010 15
![Page 16: Practically Useful Network Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina.](https://reader036.fdocuments.us/reader036/viewer/2022062720/56649f055503460f94c19a92/html5/thumbnails/16.jpg)
1/8/2010 16
More Information Secure Protocol Implementation &
Development (SPID) Group Website: http://spid.cse.sc.edu