Dynamic Network Emulation Security Analysis for Application Layer Protocols
Post on 26-Dec-2015
Slide 2: The Problem
There are many network simulation and network analysis tools designed to look at issues in Layer 2 and Layer 3 protocols …
… but as the use of overlay networks grows, large amounts of network activity occur at the application layer.
Slide 3: The Problem
Overlay network security can significantly depend upon network topology and routing.
• In onion-routing style anonymity networks, an adversary who can observe both sides of the anonymous path can break anonymity.
• An adversary can position themselves to observe Skype calls routed through super nodes.
… but we don’t have a good way to analyze the feasibility and effectiveness of these attacks.
Slide 4: The Problem: Extended
[Figure: an anonymous path crossing a Good ISP, an Okay ISP and a Bad ISP]
In onion-routing style anonymity networks, an adversary who can observe both sides of the anonymous path can break anonymity.
Slide 5: The Problem: Extended
In onion-routing style anonymity networks, an adversary who can observe both sides of the anonymous path can break anonymity.
• What if the adversary can force a change in routing between two hosts?
• What if they can do it for N host-pairs?
• Do some routing protocols exacerbate this issue?
Slide 6: How can we answer these questions?
• Ideally, the same way we do with other things
• Unfortunately these are real applications, running in the real world, and we want to know how that world affects them
[Figure: Hypothesize → Test → Explain]
Slide 7: How can we answer these questions?
• We can observe real-world data, but we have:
– limited vantage points
– little ability to test hypotheses
– no way to change the environment
What we need is an application layer network modeling environment.
Slide 8: Modeling Environments Exist
• Network Testbeds:
– Clusters of isolated machines that can be reserved and configured into network topologies
• Network Simulators:
– Tools that simulate network applications at varying levels of fidelity
• Network Emulators:
– Tools that create a fake network on which real-world applications can be run without modification
Each of these has downsides.
Slide 9: Modeling Environments Exist
• Network testbeds can suffer from contention and scalability limits
• Network simulators use an abstraction for the application; security often depends on corner cases
• Network emulators often prevent network manipulation once configured and operating
… but it’s not all bad
Slide 10: Modeling Environments Exist
• Network emulators have significant benefits
– They run actual application binaries
– They require drastically less hardware
• Unfortunately many existing emulators use static routing and do not allow live network manipulation
Slide 12: Proposal: GUFiNE (“GU Flexible Network Emulation”)
Application instances connected in arbitrary network topologies, contained within an emulation host or a collection of emulation hosts.
[Figure: application instances inside one Host Emulator, and spread across several Host Emulators]
Slide 13: Proposal: GUFiNE
[Figure: an Emulation Host running Linux; at the application level, Network Applications sit on top of the Network Emulator, which consists of the Net Emulator Routing Engine, the Net Emulator Control Interface and the Network Stack]
• Path information is stored in the routing engine and used for traffic shaping and routing.
• Packets are delayed and re-injected (without ever leaving the host).
• Path characteristics (delay, bandwidth) and routing can be updated on the fly.
Slide 14: Proposal: GUFiNE
• GUFiNE transparently creates a network topology for applications running on the host
– Applications simply bind to an IP address alias
• The control plane allows routing and network link characteristics to be modified on the fly
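The routing engine, the delay-and-re-inject loop and the control plane described on the last two slides, as an added example written for this transcript. It is not GUFiNE's own code: the class and method names, the link names and the delay and bandwidth values are all constructed. Packets never leave the model; each one is held for the transit time of its current path and released in delivery order, while the control interface changes a link or a route between injections.

```python
"""Toy model of a routing engine plus delay-and-re-inject emulator with an
on-the-fly control plane. Added illustration; names and values are assumptions."""
import heapq
from dataclasses import dataclass
from itertools import count


@dataclass
class Link:
    delay_ms: float        # propagation delay of the emulated link
    bandwidth_mbps: float  # serialization rate of the emulated link

    def transit_ms(self, size_bytes):
        # propagation plus serialization: bits / (bits per millisecond)
        return self.delay_ms + (size_bytes * 8) / (self.bandwidth_mbps * 1000)


class RoutingEngine:
    """Stores links and the path (ordered list of links) used for each host pair."""

    def __init__(self):
        self.links = {}   # link name -> Link
        self.paths = {}   # (src, dst) -> [link names]

    def add_link(self, name, delay_ms, bandwidth_mbps):
        self.links[name] = Link(delay_ms, bandwidth_mbps)

    def set_path(self, src, dst, link_names):
        missing = [n for n in link_names if n not in self.links]
        if missing:
            raise KeyError("unknown links: %s" % missing)
        self.paths[(src, dst)] = list(link_names)

    def path_transit_ms(self, src, dst, size_bytes):
        return sum(self.links[n].transit_ms(size_bytes) for n in self.paths[(src, dst)])


class Emulator:
    """Holds each packet for its path transit time, then re-injects it in time order."""

    def __init__(self, engine):
        self.engine = engine
        self.now_ms = 0.0
        self._queue = []        # heap of (deliver_at, seq, src, dst, payload)
        self._seq = count()     # tie-breaker so payloads are never compared
        self.delivered = []     # (deliver_at, src, dst, payload) in delivery order

    def inject(self, src, dst, payload):
        # Design choice of this model: the schedule is fixed at injection time,
        # so later control-plane changes do not touch packets already in flight.
        deliver_at = self.now_ms + self.engine.path_transit_ms(src, dst, len(payload))
        heapq.heappush(self._queue, (deliver_at, next(self._seq), src, dst, payload))
        return deliver_at

    def advance(self, until_ms):
        """Re-inject every packet whose delay has elapsed by until_ms."""
        while self._queue and self._queue[0][0] <= until_ms:
            deliver_at, _, src, dst, payload = heapq.heappop(self._queue)
            self.delivered.append((deliver_at, src, dst, payload))
        self.now_ms = until_ms


class ControlInterface:
    """Control-plane operations applied while the emulator is running."""

    def __init__(self, engine):
        self.engine = engine

    def set_link(self, name, delay_ms=None, bandwidth_mbps=None):
        link = self.engine.links[name]
        if delay_ms is not None:
            link.delay_ms = delay_ms
        if bandwidth_mbps is not None:
            link.bandwidth_mbps = bandwidth_mbps

    def reroute(self, src, dst, link_names):
        self.engine.set_path(src, dst, link_names)


def demo():
    """Constructed scenario: A reaches B through R1 (two 10 ms links) until the
    control plane moves the pair onto a second, slower path and then speeds it up."""
    eng = RoutingEngine()
    eng.add_link("A-R1", 10, 100)
    eng.add_link("R1-B", 10, 100)
    eng.add_link("A-R2-B", 60, 100)   # assumed: second path modelled as one link
    eng.set_path("A", "B", ["A-R1", "R1-B"])
    emu, ctl = Emulator(eng), ControlInterface(eng)
    size = 1250  # 10,000 bits: 0.1 ms serialization per link at 100 Mbit/s

    t1 = emu.inject("A", "B", b"1".ljust(size, b"x"))   # via R1: 20.2 ms
    ctl.reroute("A", "B", ["A-R2-B"])                     # route changed on the fly
    ctl.set_link("A-R2-B", delay_ms=40)                   # link changed on the fly
    t2 = emu.inject("A", "B", b"2".ljust(size, b"x"))   # via R2: 40.1 ms
    ctl.set_link("A-R2-B", delay_ms=5)
    t3 = emu.inject("A", "B", b"3".ljust(size, b"x"))   # via R2: 5.1 ms, overtakes 1 and 2
    emu.advance(100)
    order = [payload[:1] for _, _, _, payload in emu.delivered]
    return t1, t2, t3, order


if __name__ == "__main__":
    print(demo())
```

The third packet in `demo()` is delivered before the first two, which is the effect a practitioner should expect from live route changes: applications under test see reordering as well as changed latency, so the model keeps in-flight packets on the schedule they were given rather than silently rescheduling them.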
Slide 15: Proposal: GUFiNE
• Allows exploring questions in changing network conditions.
– What advantage does an adversary receive if they can shift the routing between two hosts when trying to break anonymity in an onion routing network?
– What if they can do it for N host-pairs?
• Can explore these questions with real application binaries
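One way to put numbers on the two questions above (the same questions asked on slide 5), as an added example that is not part of the proposal: an exhaustive search over a constructed topology that reports the largest share of circuits whose two ends both cross an ISP the adversary observes, when up to N host pairs can be forced onto an alternative route. The topology, the ISP names, the circuits and the "bad" label are constructed; routes are written as the ordered list of ISPs they cross, and the middle of each circuit is left out because only the client-guard and exit-destination segments matter here. For a defender the same search says which host pairs account for most of the exposure, which is the input a path-selection design needs.

```python
"""Exposure of onion circuits to an ISP-level observer, with and without the
ability to shift routing for up to N host pairs. Added example; topology,
circuits and names are constructed."""
from fractions import Fraction
from itertools import combinations, product

# Constructed: candidate routes per host pair as the ISPs crossed; index 0 is
# the route in use before any manipulation.
ROUTES = {
    ("C1", "G"): [["good"], ["good", "bad"]],
    ("C2", "G"): [["okay"], ["okay", "bad"]],
    ("X", "D1"): [["bad"]],
    ("X", "D2"): [["good"], ["okay", "bad"]],
}

# Constructed circuits: (client, guard, exit, destination).
CIRCUITS = [
    ("C1", "G", "X", "D1"),
    ("C2", "G", "X", "D1"),
    ("C1", "G", "X", "D2"),
]

ADVERSARY_ISPS = {"bad"}


def observed(route, adversary_isps):
    """True if any ISP on the route is one the adversary can observe."""
    return any(isp in adversary_isps for isp in route)


def circuit_exposed(circuit, routes, choice, adversary_isps):
    """True when both the client-guard and the exit-destination segment are observed.
    `choice` maps a host pair to the index of the route it has been shifted to."""
    client, guard, exit_node, dest = circuit
    entry = routes[(client, guard)][choice.get((client, guard), 0)]
    exit_ = routes[(exit_node, dest)][choice.get((exit_node, dest), 0)]
    return observed(entry, adversary_isps) and observed(exit_, adversary_isps)


def exposure(circuits, routes, choice, adversary_isps):
    """Exact fraction of circuits exposed under a given routing choice."""
    hit = sum(circuit_exposed(c, routes, choice, adversary_isps) for c in circuits)
    return Fraction(hit, len(circuits))


def worst_case_exposure(circuits, routes, adversary_isps, n_pairs):
    """Upper bound on exposure when up to n_pairs host pairs can each be forced
    onto any of their alternative routes. Exhaustive; fine for small topologies."""
    shiftable = [pair for pair, alts in routes.items() if len(alts) > 1]
    best, best_choice = exposure(circuits, routes, {}, adversary_isps), {}
    for k in range(1, min(n_pairs, len(shiftable)) + 1):
        for pairs in combinations(shiftable, k):
            for idxs in product(*(range(1, len(routes[p])) for p in pairs)):
                choice = dict(zip(pairs, idxs))
                frac = exposure(circuits, routes, choice, adversary_isps)
                if frac > best:
                    best, best_choice = frac, choice
    return best, best_choice


if __name__ == "__main__":
    for n in range(4):
        frac, choice = worst_case_exposure(CIRCUITS, ROUTES, ADVERSARY_ISPS, n)
        print("N=%d: %s of circuits exposed, shifted pairs %s" % (n, frac, sorted(choice)))
```

On the constructed topology no circuit is exposed by default; shifting one pair exposes a third of them, two pairs two thirds, and three pairs all of them. The function returns the shifted pairs alongside the fraction because that list, not the headline number, is what tells a designer which links or peerings to keep circuits away from.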
Slide 16: Proposal Requirements
Part 1
Goal:
• Single host dynamic emulator module
• Control toolchain
Costs:
• 6 months
• $29,500
Part 2
Goal:
• Multi-host distributed emulation
• Distributed control toolchain
Costs:
• 6 months
• $50,000
Research proposal; costs are estimated; success is not guaranteed.