CSE 548 Advanced Computer Network Security - Wireless Security - PowerPoint PPT Presentation

1
CSE 548 Advanced Computer Network Security -
Wireless Security
  • Dijiang Huang
  • Arizona State University, Fall 2007

2
Outline
  • Wireless Network Technology Overview
  • Wireless Data Network
  • Wireless Mesh
  • RFID
  • Wireless LAN Security
  • Pervasive Computing

3
Wireless Data Network
4
Wireless Mesh
5
Wireless Deployment Options
6
RFID
  • IBM RFID Commercial 1
  • IBM RFID Commercial 2
  • How RFID works?
  • RFID threats.
  • e-Passport (secure or not?)

7
Outline
  • Wireless Network Technology Overview
  • Wireless LAN Security
  • 802.11 a/b/g Overview
  • Wireless Network Security Issues
  • Hacking, Cracking and Attacks
  • Risk Mitigation
  • Pervasive Computing

8
Wireless Frequencies Available to the Public
  • Regulated by IEEE (Institute of Electrical and
    Electronics Engineers) 802.11x Standards
    • 802.11a
    • 802.11b
    • 802.11g
  • New technologies
    • 802.11n
    • 802.16 (WiMAX)
  • Go to http://www.ieee802.org/11/

9
802.11a
  • Works at 40 MHz, in the 5 GHz range
  • THEORETICAL transfer rates of up to 54 Mbps
  • ACTUAL transfer rates of about 26.4 Mbps
  • Limited in use because it is almost a
    line-of-sight transmission, which necessitates
    multiple WAPs (wireless access points)
  • Cannot operate in same range as 802.11b/g
  • Absorbed more easily than other wireless
    implementations

10
802.11b WiFi
  • Operates at 20 MHz, in the 2.4 GHz range
  • Most widely used and accepted form of wireless
    networking
  • THEORETICAL speeds of up to 11 Mbps
  • ACTUAL speeds depend on implementation
    • 5.9 Mbps when TCP (Transmission Control
      Protocol) is used (error checking)
    • 7.1 Mbps when UDP (User Datagram Protocol) is
      used (no error checking)
  • Can transmit up to 8 km in the city
    • rural environments may be longer if a line of
      sight can be established

11
802.11b - WiFi (cont.)
  • Not as easily absorbed as 802.11a signal
  • Can cause or receive interference from
    • Microwave ovens (microwaves in general)
    • Wireless telephones
    • Other wireless appliances operating in the same
      frequency

12
802.11g - Super G
  • Operates at the same frequency range as 802.11b
  • THEORETICAL throughput of 54 Mbps
  • ACTUAL transmission rate is dependent on several
    factors, but averages 24.7 Mbps
  • Logical upgrade from 802.11b wireless networks:
    backwards compatibility
  • Suffers from same limitations as 802.11b network
  • System may suffer significant decrease in network
    speeds if network is not completely upgraded from
    802.11b

13
Wireless Security?
  • Hacking is no longer the esoteric domain of the
    techno-elite. Most often done by young males
    aged 15-25 who have extensive computer
    programming knowledge.
  • Variety of reasons from simple curiosity all the
    way to achieving terrorist ideals.
  • Most often used for identity theft and industrial
    espionage.

14
Evolution of Wireless LAN Security Challenges
15
WLAN/RF based Threats
16
Wired vs. Wireless
  • Wired networks offer more and better security
    options than wireless
  • More thoroughly established standards with wired
    networks
  • Wireless networks are much more equipment
    dependent than wired networks
  • Easier to implement security policies on wired
    networks

17
Hacking and Cracking
  • Wired networks less susceptible to
    hackers/crackers
  • RF signals allow for more unauthorized attempts
  • Ubiquitous wireless networking devices allow
    access
  • Hacking
    • Gaining unauthorized access to networks/devices
      by algorithms or penetration programs
  • Cracking
    • Extending the use of devices past original
      intentions

18
Common Hacking and Cracking Techniques and Devices
  • Referred to as Wardrivers or Warchalkers
  • Use PDAs, laptops, scanners, tablets or any WiFi
    enabled devices
  • Underground networks list and update open
    networks that are waiting to be exploited
  • Attack weak keys or sniff messages going over the
    network to determine SSID range

19
Types of Attacks
  • Man in the Middle Attacks
    • Attacker intercepts identification information of
      the sending and receiving parties.
    • Substitutes own key in both situations
    • Gives access to all information passed between
      parties
  • Denial of Service or Distributed Denial of
    Service
    • TCP SYN ACK Flood or Buffer Overrun: typical DoS
    • Illicit servers used to set up zombie machines
      for a DDoS
  • Social Engineering
    • Most prevalent form of network attacks
    • Hardest to defend against because it involves
      human nature

20
Types of Attacks (cont.)
  • Weak key attacks
    • Involve algorithms in RC4 hashing algorithm and
      WEP (Wired Equivalent Privacy)
    • Both implementations use easily broken algorithms
    • WEP has been broken in under 2 hours
  • Dictionary attacks
    • Attackers use pre-populated list of frequently
      used passwords and regular words
  • Birthday attacks
    • A complicated algorithmic attack

21
Open Networks
  • Most often associated with home networks
  • Networks are the target of hackers that
    wardrive.
  • Result of wireless networks that are either
    unsecured entirely or are using weak WEP keys
  • Effects can be devastating

22
Wireless Networks
  • Ensure all unused ports are closed
  • Any open ports must be justified
  • Pessimistic network view
  • Enforce the rule of least access
  • Ensure SSIDs are changed regularly
  • Ensure insurance and authentication standards
    are created and enforced

23
Encryption and Data Insurance
  • USE STRONG ENCRYPTION!!
    • SHA-1 (Secure Hashing Algorithm)
  • End to End Encryption
    • Initiate encryption at user and end at server
      that is behind the firewall, outside the DMZ
  • Treat WLANs as untrusted networks that must
    operate inside the DMZ
    • Access trusted network via VPN and two-factor
      authentication
  • Increase application security
    • Possibly through use of an enterprise application
      system
    • Minimally through increased encryption

24
Encryption and Data Insurance
  • Do not, under any circumstances, allow ad hoc
    WLANs
  • Embrace and employ the 802.11i IEEE security
    standard
    • Native per user access control
    • Native strong authentication
      (tokens, smartcards and certificates)
    • Native strong encryption
  • Best bet for new wireless networks

25
Outline
  • Wireless Network Technology Overview
  • Wireless LAN Security
  • Security in Pervasive Computing

26
Old Computer Security Paradigms
  • Information Fortress [Blakley, NSPW96]
    • Walls (security perimeter, firewalls)
    • Guards and gates (access control)
    • Passwords (passwords)
    • Fortress contents (computer system, confidential
      data)
    • Spies, saboteurs, and Trojan Horses (viruses,
      worms, Trojan horses)
  • CIA: Confidentiality, Integrity, and
    Availability
    • Originally misnamed PIA to avoid
      CIA [Greenwald, NSPW98]
    • with P for Privacy (but really meaning
      Confidentiality)

28
Failures of Old Security Paradigms
  • Opinions of Dr. Bill Wulf
    • Pioneer in computer security
    • President of the National Academy of Engineering
      (U.S.A.)
  • Computer security made little progress between
    mid 70s and mid 90s
  • Why? (top 5 reasons)
    • Fatally flawed basic assumption of Perimeter
      Defense (PD)
    • Misconception that security flaws arise because
      of s/w bugs (not only!)
    • PD cannot defend against legitimate insiders
    • PD can't prevent DoS attacks (which don't
      penetrate systems)
    • PD has never worked (not a single PD-based system
      that works)

29
Failures of Old Security Paradigms
  • Incremental R&D in last 30 years tried to fix the
    Perimeter Defense model problem
  • Suggestions
    • Maybe system should not define security; instead
      define best effort delivery
    • Define inherently distributed security model
    • General security is not a good idea, and security
      must be application-specific, context-specific,
      etc.
    • Challenge the basic security assumptions and
      explore alternative security solutions

30
Failures of Old Security Paradigms
  • Opinions of Farnam Jahanian [U. Michigan]
    w.r.t. Perimeter Security for ISPs
  • Perimeter Security can't address
    • Zero-day threats
    • Internal misuse
    • On-site consultants and contractors
    • Partner extranets
    • Exposed VPN clients and open wireless
      environments
  • Solutions
    • Virtualize perimeter
    • Model network not threats
    • Use defence in depth
    • Deal with crumbling perimeter of enterprise
      security
      (evolving models of threat, trust, business)

31
Old Paradigms Are Not Sufficient
  • Enhance Old Security Paradigms (OSPs)
  • OR
  • Replace OSPs with New Security Paradigms

32
Replacing OSP with New Paradigms
  • Why to replace?
    • Computing becomes pervasive
    • No longer just people-to-people communication
      (like e-mail, WWW)
    • Now also device-to-device communication
    • Notebook, PDA, cell phone, watch, ...
    • Embedded black box in a car, intelligent
      refrigerator, ...
    • Sensor networks
  • How to replace?
    • Consider key concepts for new security paradigms
    • Review known security paradigms
    • Devise an appropriate new security paradigm

33
Pervasive Security or Just Security
  • Pervasive computing significantly impacts
    research in software systems, networking and
    hardware
  • Will traditional security techniques be easily
    applicable to security problems in pervasive
    computing?
  • OR
  • Should new general paradigm of Pervasive
    Security be determined?

cf. NSF IDM Workshop, August 2003
34
Assumptions for Pervasive Security
  • Mobile nodes, code, data
  • Unknown/trustworthy host executing
    unknown/trustworthy code using unknown/trustworthy
    data
  • Borderless systems
  • System perimeter is fluid, shifts all the time
  • System perimeters overlap
  • Application-centric not system-centric solutions
  • Widely varying environment for a given system
  • Environment often either unknown or untrustworthy
  • incl. malicious nodes, illegitimate users
  • Use context-awareness to determine proper level
    of security
    • at home I don't need to look over my shoulder
      as in a bad neighborhood

cf. NSF IDM Workshop, August 2003
35
Pervasive Security Challenges
  • Large set of attacks possible, e.g.
    • Physical attacks in addition to all types of
      software attacks
      => need tamper resistance (e.g., hardware-based
      intrusion detection)
    • Information leaks => need physical obfuscation
      (e.g. deceiving data)
    • Power-draining attacks
    • Bandwidth-usage attacks => prevent, e.g., by
      charging users for BW
  • Always-on wireless connectivity
    • Firewall or Superuser approaches do not work well
    • DoS attacks and DoS accidents difficult to
      protect against
      (e.g., a center-of-attention DoS accident, when
      too many legitimate messages are sent to a device
      until it becomes overloaded, e.g., when it joins
      a new system, or when it offers an extremely
      popular service)
  • Energy-efficient cryptography needed
    (authentication and encryption)

cf. NSF IDM Workshop, August 2003
36
Pervasive Security Challenges
  • Heterogeneous devices with limited resources
    (CPU, memory, bandwidth, energy, ...)
    • Detect corrupted sensors and actuators
    • Detect s/w breaks
  • Efficient lightweight cryptographic primitives
    • portable, low-power, low-memory usage, simple,
      proven security
  • Lack of clarity regarding Trusted Base
    • On whose behalf is the device acting?
    • What software or hardware is trusted?
    • How do we achieve (provable) security with a
      minimal Trusted Computing Base?
  • Need to define security mechanisms across the
    hardware/software interface

cf. NSF IDM Workshop, August 2003
37
Principles for New Paradigms
  • Security should be inherent, not add-on
  • Do not depend on identity, don't authenticate it
  • Good enough is good enough. Perfect is too good
  • Adapt and evolve
  • Use ideas of security from open social systems

Blakley, 1996
38
Security Paradigms w.r.t. Sources
  • Generic and specialized Paradigm categories
    w.r.t. their sources
  • Computer science
    • Reliability, integrity, or fault tolerance
    • Concurrency control
  • Biological phenomena
    • Human organism and immune systems
    • Genetics
    • Epidemiology
    • Ecology
  • Physical phenomena
    • Diffusion or percolation

39
Security Paradigms w.r.t. Sources
  • cont - Generic and specialized Paradigm
    categories w.r.t. their sources
  • Mathematical theories
    • Game theory
  • Artificial and natural models of animal and human
    social systems
    • Military science theories and systems
    • Business and economic systems
    • Esp. accounting and auditing systems
  • --- Details for each of the categories follow ---

40
CS Paradigms: Compromise Tolerance
  • Analogy: computer science - fault tolerance
  • Fault (compromise) tolerance: ability of a
    system to work acceptably even when components
    have failed (have been compromised)
  • Compromise tolerance vs. fault tolerance [Kahn,
    1998]
    • Behavior of faulty components is simpler --
      compromised components may be maliciously clever
    • Faults are usually independent -- compromises are
      not
  • Solution: independent corroboration
    • Independent corroboration is a form of redundancy
  • Difficulty: independence is difficult to pin down
    • how can software judge whether two principals are
      independent?
  • Analysis of independence
    • independence is not absolute, but relative to
      one's interests
    • independence judgments are closely tied to trust
    • independence judgments are based largely on known
      connections between the principals

41
CS Paradigms: Optimistic Access Control
  • Analogy: computer science - optimistic
    concurrency control
  • Optimistic concurrency control
    • Let transactions execute / Undo or compensate
      transactions that violated rules
  • Optimistic access control (OAC) [Povey, 1999]
    • Enforcement of access rules is retrospective
    • System administrator ensures that the system is
      not misused
    • Compensating transactions to recover system
      integrity in the case of a breach
  • Handles emergencies
    • Working alongside traditional access control,
      which handles normal situations
  • Applicability
    • OAC enables defining security policies with
      emergency roles
    • Allow users to exceed their normal
      least-privilege access rights on rare special
      occasions (disaster, medical emergency, critical
      deadline)
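
The optimistic access control flow on this slide, as an added example that is not from the original deck or from Povey's paper: normal writes go through a traditional ACL, an emergency override is allowed but audited, and a rejected override is undone by a compensating write. The class, record names, and status strings are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass
class Override:
    """One audited emergency write (hypothetical record layout)."""
    user: str
    record: str
    old_value: str
    new_value: str
    reason: str
    status: str = "pending"  # pending -> approved | compensated | manual-review


class OptimisticStore:
    """Traditional ACL for normal writes; emergency writes are allowed, then reviewed."""

    def __init__(self, records, acl):
        self.records = dict(records)  # record id -> current value
        self.acl = acl                # user -> set of record ids writable normally
        self.overrides = []           # audit trail used for retrospective enforcement

    def write(self, user, record, value, emergency_reason=None):
        if record not in self.records:
            raise KeyError(record)
        if record in self.acl.get(user, set()):
            self.records[record] = value          # normal least-privilege path
            return "allowed"
        if not emergency_reason:
            return "denied"                       # no justification, no override
        # Emergency role: let the write through, but keep what is needed to undo it.
        self.overrides.append(
            Override(user, record, self.records[record], value, emergency_reason))
        self.records[record] = value
        return "allowed-pending-review"

    def review(self, index, legitimate):
        """Administrator's retrospective decision on one override."""
        entry = self.overrides[index]
        if entry.status != "pending":
            raise ValueError("override already reviewed")
        if legitimate:
            entry.status = "approved"
        elif self.records[entry.record] == entry.new_value:
            # Compensating transaction: restore the value the override replaced.
            self.records[entry.record] = entry.old_value
            entry.status = "compensated"
        else:
            # Someone wrote on top of the override; blind rollback would destroy
            # that later write, so hand the case to a human.
            entry.status = "manual-review"
        return entry.status


def demo():
    # Constructed sample data: two charts, each writable by one doctor.
    store = OptimisticStore(
        {"chart-17": "dose=5mg", "chart-42": "dose=10mg"},
        {"dr_a": {"chart-17"}, "dr_b": {"chart-42"}},
    )
    results = [
        store.write("dr_a", "chart-17", "dose=6mg"),
        store.write("dr_a", "chart-42", "dose=0mg"),
        store.write("dr_a", "chart-42", "dose=0mg",
                    emergency_reason="ER admission, dr_b unreachable"),
        store.review(0, legitimate=False),
    ]
    return results, store.records["chart-42"]


if __name__ == "__main__":
    print(demo())
```
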

42
Bio Paradigms: Human vs. Computer
  • Analogy: biology - human organism
  • Striking similarities between humans and computer
    systems [Williams, 1996]
    • Made up of many distinct but tightly integrated
      subsystems
    • Recursively, subsystems include subsystems
    • Have external interfaces (human: skin, eyes;
      computers: physical protection, I/O devices)
    • Have internal interfaces (human: nervous system
      and heart; computers: int. between modules)
    • Check for bad input (human: sneezing if foreign
      particles; computers: input validation)
    • Detect intrusions (human: immune system;
      computers: IDS or IPS)
    • Correct errors (human: rebuilding of genetic
      material; computers: fault tolerance)
  • Conclusions
    • "We can learn a lot about securing complex
      systems by looking to evolution and medicine.
      From evolution, we should especially note the
      complex relationship between threats and
      protections." [Williams, 1996]

43
Bio Paradigms: New Availability Model
  • Analogy: biology - epidemiology
  • System availability [Lin, Ricciardi,
    Marzullo, 1998]
    • Probability that the system satisfies its
      specification: no more than f processes are
      infected
  • Application of epidemiology [ibid]
    • Model a simple epidemic with a zero latency
      period
  • Different from existing epidemiological
    approaches (e.g., as used for virus
    propagation modeling)
    • Transmission of infection is more restricted than
      general mixing of populations
    • Measure availability -- not the expected number
      of infected processes as a function of time
    • Assumed the system will not misbehave if no more
      than f processes are infected
    • A simple epidemic model (not a general epidemic
      model)
    • Disinfection not done unless too many processes
      infected
    • Expensive: either identify infected processes or
      reload all processes from trusted images
  • Observation
    • When connectivity is low, a higher transmission
      rate is required for an epidemic to become
      widespread
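
A small simulation of the availability measure and the connectivity observation on this slide, added here as an example and not taken from the deck or from the cited paper. It assumes discrete rounds, a per-link transmission probability `beta`, one initially infected process, no disinfection, and two constructed topologies (a ring and a fully connected graph).

```python
import random


def ring(n):
    """Low connectivity: each process talks to two neighbours."""
    return {i: {(i - 1) % n, (i + 1) % n} for i in range(n)}


def complete(n):
    """High connectivity: every process talks to every other process."""
    return {i: set(range(n)) - {i} for i in range(n)}


def run_epidemic(graph, beta, rounds, rng):
    """Simple epidemic with zero latency: a process infected in one round
    is infectious in the next. Returns the number of infected processes."""
    infected = {0}
    for _ in range(rounds):
        newly = set()
        for p in sorted(infected):
            for q in sorted(graph[p]):
                if q not in infected and rng.random() < beta:
                    newly.add(q)
        infected |= newly
    return len(infected)


def availability(graph, beta, f, rounds=5, trials=500, seed=1):
    """Estimated probability that no more than f processes are infected
    after `rounds` rounds (the slide's availability definition)."""
    rng = random.Random(seed)
    ok = sum(run_epidemic(graph, beta, rounds, rng) <= f for _ in range(trials))
    return ok / trials


def min_beta_for_outbreak(graph, f, target=0.5):
    """Smallest beta on a 0.05 grid at which availability drops below target."""
    for step in range(1, 21):
        beta = step / 20
        if availability(graph, beta, f) < target:
            return beta
    return None


if __name__ == "__main__":
    n, f = 20, 5
    for name, g in (("ring", ring(n)), ("complete", complete(n))):
        print(name, availability(g, 0.1, f), min_beta_for_outbreak(g, f))
```

With the same transmission rate the sparsely connected ring stays available while the fully connected system does not, and the ring needs a much larger `beta` before the f-threshold is usually exceeded.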

44
Physics Paradigms: Insecurity Flow
  • Analogy: physics - percolation theory
  • Insecurity flow throughout security domains
    [Moskowitz and Kang, 1997]
    • Insecurity flow, not information flow
    • Can insecurity flow penetrate a protection?
      (all-or-nothing: no partial flows)
    • Security violation: protective layers broke down
      and insecurity flows in
  • In the physics world
    • Fire spreading through a forest, or
    • Liquid spreading through a porous material
      are analyzed via percolation theory
  • Insecurity flow is similarly analyzed
    • Source: point where invader starts out
    • Sink: repository of information that we protect
    • Security violation: when insecurity flow reaches
      the sink

45
Math Paradigms: MANET Security
  • Analogy: math - game theory
  • Potential node misbehaviors in mobile ad hoc
    networks (MANETs)
    [Michiardi and Molva, 2002]
    • Passive DoS attacks: no energy cost for attackers
    • Attacks by malicious nodes: harm others, w/o
      spending any energy
    • Attacks by selfish nodes: save my energy
    • Active DoS attacks: energy cost for attackers
    • Attacks by malicious nodes: harm others, even if
      it costs energy
  • CORE security mechanism
    • Based on reputation
    • Assures cooperation among N/2 nodes
      (N: number of network nodes)
  • Game theory model used to analyze CORE
    • Prisoner's Dilemma (PD) game [Tucker, 1968]
    • Represents strategy to be chosen by nodes of a
      mobile ad hoc network
    • Nodes are players: can cooperate or defect

46
Math Paradigms: MANET Security - cont.
  • Prisoner's Dilemma example
    • Police arrest two robbers who hid stolen money,
      and interrogate them in separate cells
    • Each criminal faces two choices: to confess
      (defect) or not (cooperate)
    • If a criminal does not confess while his partner
      does, he will be jailed while his partner is set
      free; partner gets all hidden money
    • If both confess, both will go to jail - money is
      safe; they'll divide hidden money when set free
    • If neither of them confesses, both will be set
      free - money is safe; they'll divide hidden money
  • Classical PD: the game is played only once
    • Dominant strategy: confess (regardless of the
      other player's move)
    • Notion of trust is irrelevant: there is no next
      time
  • Extended PD: m-dimensional game
    • Building mutual trust over time gives the best
      result
    • Both criminals are set free, each gets 50% of
      hidden money in each of m cycles

47
Social Paradigms: SafeBot
  • Analogy: social interactions, bodyguards
  • Idea of SafeBots [Filman and Linden, 1996]
    • Software security controls implemented as
      ubiquitous, communicating, dynamically
      confederating agents that monitor and control
      communications among the components of
      preexisting applications
    • Agents remember events, communicate with other
      agents, draw inferences, and plan actions to
      achieve security goals
    • A pervasive approach, in contrast to, e.g.,
      firewalls
  • Implementation
    • Foolproof security controls for distributed
      systems
    • Flexible and context-sensitive
    • Translate very high level specification languages
      into wrappers (executables) around insecure
      components
  • Observation: mammals devote large fraction of
    processing to security
    • Maybe computer systems should devote to security
      100 times more resources?
      [Filman and Linden, 1996]

48
Social Paradigms: Traffic Masking
  • Analogy: military intelligence services -
    deception
  • Traffic analysis attacks
    • For RPC communication, traffic analysis attackers
      can determine the identity of the remote method
      by analyzing the length of the message and the
      values of the arguments being passed to the
      method
  • Solution: traffic masking by data
    padding [Timmerman, 1997]
    • Prevents inferring
    • Adding padding data makes all of the messages
      look identical in terms of their length and the
      type of data that is being sent.
    • Messages are masked to an eavesdropper
    • Any message may be used to invoke any of the
      methods on the server
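
Traffic masking by padding, shown on constructed RPC calls; this is an added example and not code from the deck or from the cited paper. The JSON wire format, the method names, the 2-byte length prefix, and the 256-byte frame size are assumptions, and the frame is assumed to be encrypted after masking so that only its length is visible to an eavesdropper.

```python
import json
import struct

FRAME_SIZE = 256  # assumed fixed frame size; must exceed the largest real request

# Constructed sample calls for a hypothetical banking RPC service.
SAMPLE_CALLS = [
    ("getBalance", {"acct": "12345678"}),
    ("transfer", {"src": "12345678", "dst": "87654321", "amount": 250}),
    ("closeAccount", {"acct": "12345678", "reason": "customer request"}),
]


def encode_call(method, args):
    """Serialize one RPC call (illustrative wire format)."""
    return json.dumps({"m": method, "a": args}, separators=(",", ":")).encode()


def mask(payload, frame_size=FRAME_SIZE):
    """Prefix the true length, then pad so every frame has the same size."""
    if len(payload) > frame_size - 2:
        raise ValueError("payload does not fit in one frame; raise frame_size")
    padding = bytes(frame_size - 2 - len(payload))
    return struct.pack(">H", len(payload)) + payload + padding


def unmask(frame):
    """Receiver side: strip the padding using the length prefix."""
    (n,) = struct.unpack(">H", frame[:2])
    if n > len(frame) - 2:
        raise ValueError("corrupt length prefix")
    return frame[2:2 + n]


def wire_lengths(masked):
    """Message length per method, as seen on the wire."""
    out = {}
    for method, args in SAMPLE_CALLS:
        wire = encode_call(method, args)
        out[method] = len(mask(wire) if masked else wire)
    return out


def observer_guess(length, profile):
    """Methods consistent with an observed length, given a length profile
    the observer built earlier from known traffic."""
    return sorted(m for m, l in profile.items() if l == length)


if __name__ == "__main__":
    plain, padded = wire_lengths(False), wire_lengths(True)
    print("unmasked:", plain, "->", observer_guess(plain["transfer"], plain))
    print("masked:  ", padded, "->", observer_guess(FRAME_SIZE, padded))
```

Without padding each length identifies one method; with padding every observed length matches all three, which is the slide's point that any message could be invoking any method.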

49
Social Paradigms: Small World
  • Small-world phenomenon [Milgram, 1967]
    • Find chains of acquaintances linking pairs of
      people in the United States who did not know one
      another (remember the Erdös number?)
    • Result: the average number of intermediate steps
      in a successful chain is between five and six
      => the six degrees of separation principle
  • Relevance to security research [Capkun et al.,
    2002]
    • A graph exhibits the small-world phenomenon if
      (roughly speaking) any two vertices in the graph
      are likely to be connected through a short
      sequence of intermediate vertices

50
References
  • Slides are partially based on Bharat Bhargava's
    slides
  • Paper References
  • 1. The American Heritage Dictionary of the
    English Language, 4th ed., Houghton Mifflin,
    2000.
  • 2. B. Bhargava et al., Trust, Privacy, and
    Security: Summary of a Workshop Breakout Session
    at the National Science Foundation Information
    and Data Management (IDM) Workshop held in
    Seattle, Washington, Sep. 14-16, 2003, tech.
    report 2003-34, Center for Education and Research
    in Information Assurance and Security, Purdue
    Univ., Dec. 2003;
    www.cerias.purdue.edu/tools_and_resources/bibtex_archive/archive/2003-34.pdf.
  • 3. Internet Security Glossary, The Internet
    Society, Aug. 2004; www.faqs.org/rfcs/rfc2828.html.
  • 4. B. Bhargava and L. Lilien, Private and
    Trusted Collaborations, to appear in Secure
    Knowledge Management (SKM 2004): A Workshop,
    2004.
  • 5. Sensor Nation: Special Report, IEEE
    Spectrum, vol. 41, no. 7, 2004.
  • 6. R. Khare and A. Rifkin, Trust Management on
    the World Wide Web, First Monday, vol. 3, no. 6,
    1998; www.firstmonday.dk/issues/issue3_6/khare.
  • 7. M. Richardson, R. Agrawal, and P.
    Domingos, Trust Management for the Semantic Web,
    Proc. 2nd Int'l Semantic Web Conf., LNCS 2870,
    Springer-Verlag, 2003, pp. 351-368.
  • 8. P. Schiegg et al., Supply Chain Management
    Systems: A Survey of the State of the Art,
    Collaborative Systems for Production Management:
    Proc. 8th Int'l Conf. Advances in Production
    Management Systems (APMS 2002), IFIP Conf. Proc.
    257, Kluwer, 2002.
  • N.C. Romano Jr. and J. Fjermestad, Electronic
    Commerce Customer Relationship Management: A
    Research Agenda, Information Technology and
    Management, vol. 4, nos. 2-3, 2003, pp. 233-258.
  • http://www.ieee802.org/11/