Network Architectures: Internet Security (Seminar, WiSe 2009/2010)
News / Aktuelles
-
This seminar has been joint with the Seminar
Security in Telecommunications
of FG SecT.Dieses Seminar wurde mit dem Seminar
Security in Telecommunications
von FG SecT zusammen gelegt.
Overview / Überblick
lecturer / Dozentin: | Prof. Anja Feldmann, Sonja Buchegger, Prof. Jean-Pierre Seifert (FG SecT) |
Contact Person / Ansprechpartner: | Gregor
Schaffrath, Jan Böttger, Doris Schiöberg, Collin Mulliner (FG SecT) |
Supervisors / Betreuer: |
All supervisors / Alle Betreuer: |
event type / Veranstaltungstyp: | advanced seminar / Hauptseminar |
area / Gebiet: | Diplom Informatik: Operating and
Communication Systems / Betriebs- und Kommunikationssysteme
(BKS) Master of Computer Science: Communication-Based Systems Master of Computer Engineering: Communication Systems Bachelor of Computer Science: Communication Technology Bachelor of Computer Engineering: Computer Science |
Module(s) / Modul(e): | part of the following modules /
Teil folgender Module: BINF-KT-NA/PJSE.W09, MINF-KT-NA/VTK.W09, MINF-KT-NA/VTG.W09. |
SWS: | 2 |
ECTS / LP: | 3 |
Time / Zeit: | tba |
Room / Raum: | tba |
Preparatory Meeting / Vorbesprechung: | 16 October 2009, 12:00 h, in room TEL 1118/19 |
Deadline for Registration / Anmeldung bis: |
20 October 2009 |
Course ID / Veranstaltungsnr.: | 0432 L 822 |
Audience / Hörerkreis | main course students / Hauptstudium |
Prerequisites / Voraussetzungen: | intermediate diplom, profound knowledge
in computer networks and cryptology, good english
for reading scientific papers / Vordiplom, tiefgehendes Wissen in Rechnernetzen und Kryptologie, gutes Englisch, um wissenschaftliche Artikel zu lesen |
Exam / Prüfung: | talk and paper / Vortrag und Ausarbeitung |
Content / Inhalt
The Internet influences our life more and more:
Many of us use electronic mail instead of writing with pen
and paper, homebanking and ordering books over the web are
in everyday life, and elections via Internet are in field
tests. Furthermore, the interconnectedness gets denser and the
day is near that every coffee maker is programmable through
the internet and every car connects to its manufacturer for
diagnosis.
But this implies many security risks as well: Spying and manipulating data, spam, intrusions, or denial-of-service attacs. This seminar deals with some major threats and possible counter-measures.
Das Internet gewinnt mehr und mehr Einfluss in unserem
Leben:
Für viele von uns haben E-Mails Briefe aus Papier ersetzt,
Homebanking und der Kauf von Büchern übers Web
gehört zum Alltag und es werden bereits erste Versuche
mit Wahlen über das Internet vorgenommen. Zudem wird die
Vernetzung immer dichter und der Tag ist nah, an dem jede
Kaffeemachine übers Internet programierbar ist und jedes
Auto sich übers Netz zu Diagnosezwecken mit dem Hersteller
in Verbindung setzt.
Damit verbunden sind aber auch viele Sicherheitsrisiken, z.B. das Ausspähen und die gezielte Manipulation von Daten, Spam, Intrusions/Eindringen in fremde Computer oder Denial-of-Service. In diesem Seminar werden wir uns mit einigen wichtigen Risiken und möglichen Gegenmaßnahmen beschäftigen.
Organisation
Intention of the seminar
-
practice to work original literature
-
practice of profesional/scientific talks
-
occupation with a small, definite and recent matter
Zweck des Seminars
-
Übung des Umgangs mit Orginalliteratur
-
Übung von fachlichen Vorträgen
-
Beschäftigung mit einem kleinen, klar abgegrenzten und aktuellen Stoffgebiet
General Guidelines
-
What is done in groups?
-
What conditions must the paper meet?
-
What has to be considered for the talk and the slides?
-
Hints for the translation from German to English
Allgemeine Richtlinien
-
Was wird in Gruppenarbeit erledigt?
-
Welche Anforderungen stellen wir an die schriftliche Ausarbeitung?
-
Was ist beim Vortrag und der Erstellung der Folien zu beachten?
-
Hinweise zum Übersetzen von Englisch nach Deutsch
Seminar Certificate
To receive the Seminar Certificate we require:
-
a successfull presentation/talk
-
a seminar paper accepted by us
-
continuous attendence and active participation and contribution (in the group meetings as well as during the presentations)
The seminar certificate will have a grade, which will be made from above mentioned Criteria.
Seminar Schein
Zum Seminar wird ein Schein vergeben. Wir erwarten dafür konkret:
-
erfolgreicher Vortrag
-
von uns akzeptierte Ausarbeitung
-
durchgängige Teilnahme mit aktiver Mitarbeit (sowohl in den Gruppentreffen als auch am eigentlichen Seminar)
Es werden benotete Scheine ausgestellt, wobei die Note sich aus den obigen Komponenten zusammensetzt.
Schedule / Zeitplan
When/Wann? | What? | Was? | Time Need / Aufwand? |
---|---|---|---|
16 October 2009, 12:00–14:00 | Preparatory Meeting: Presentation of
the supervisors, topic groups and topics [PDF] slides from the meeting |
Vorbesprechung: Vorstellung der
Betreuer, Themengruppen und Einzelthemen [PDF] Folien der Vorbesprechung |
2h |
until/bis 25 October 2009 (12:00) |
Registration for the seminar via ISIS. At least three topic wishes and the Matrikelnummer are required. The topics are allocated by lot! | Anmeldung zum Seminar per ISIS. Es müssen mindestens drei Themenwünsche und die Matrikelnummer angegeben werden. Die Themenvergabe wird ausgelost! | |
26 October 2009 | Announcement of participant ↔ topic correlation in the web or per email | Bekanntgabe der Zuordnung der Themen auf die Teilnehmer/innen im Web oder per E-Mail | |
until / bis 8 November 2009 |
elaborate the topic (search literature, sort it, read it – and if possible – understand it) | Thema ausarbeiten (Literatur suchen, sortieren, lesen und – soweit es geht – verstehen) | 20h |
until / bis 9 November 2009, 8:00 a.m. |
Send a short version of your seminar paper containing structural and short hints as to the planned content to your supervisor (as a discussion basis) | Sende eine Kurzversion Deiner geplanten Ausarbeitung mit stichpunktartigen Informationen als Diskussionsbasis an Deinen Betreuer! | |
until / bis 13 November 2009 |
Meeting of every participant with his supervisor | Treffen jedes/r Teilnehmers/in mit seinem/ihrem Betreuer | 1h |
until / bis mid December 2009 |
summarize literature in a seminar paper (about 10 pages) | Literatur in Form einer Seminarausarbeitung (ca. 10 Seiten) zusammenfassen. | 20h |
until / bis 14 December 2009 |
send seminar paper to supervisor | Seminarausarbeitung an Betreuer mailen | |
until / bis 4 January 2010 |
read and correct seminar paper of the other participants of the group | Korrekturlesen der Seminarausarbeitungen der anderen Gruppenteilnehmer | 5h |
susequently / anschließend | Group meeting: exchange comments and helpful hints with each other. Attendance is mandatory! | Gruppentreffen: Dabei werden die gegenseitigen Kommentare besprochen. Anwesenheit ist verpflichtend! | 2h |
until / bis 15 January 2010 |
incorporate results of the group meeting in seminar paper and send the revised version to supervisor | Ergebnisse des Gruppentreffens in Seminarausarbeitung einarbeiten und überarbeitete Fassung an Betreuer mailen | 5h |
until / bis 29 January 2010 |
Prepare slides and send them to supervisor | Vortragsfolien vorbereiten und an Betreuer mailen | 10h |
until / bis 5 February 2010, 8:00 a.m. |
Meeting with supervisor: discuss slides | Treffen mit Betreuer zur Besprechung der Folien | 1h |
until / bis 12 February 2010, 8:00 a.m. |
incoporate comments of supervisor in slides and send final version to supervisor | Treffen mit Betreuer zur Besprechung der Folien | 5h |
tba | Prepare the talk | Vorbereitung des Vortrags | 5h |
tba | Talks Attendance to all talks is mandatory! |
Vorträge Anwesenheit zu allen Vorträgen ist verpflichtend! |
45min incl. Discussion per talk |
Topics / Themen
FG INET
(Hide all abstracts & references / alle Zusammenfassungen und Referenzen ausblenden)
(Unhide all abstracts & references / alle Zusammenfassungen und Referenzen einblenden)
- X.2 — Towards Optimal Firewall Rule Ordering Utilizing Directed Acyclical Graphs
-
Student/Bearbeiter: Jianhuang Liang; Supervisor/Betreuer: Ingmar Poese
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)Firewalls enforce a security policy by inspecting packets arriving or departing a network. This is often accom- plished by sequentially comparing the policy rules with the header of an arriving packet until the first match is found. This process becomes time consuming as policies become larger and more complex. Therefore determining the appropriate action for arriving packets must be done as quickly as possible. The process of packet header matching can be improved if more popular rules appear earlier in the policy. Unfortunately, a simple sorting algorithm is not possible since the relative order of certain rules must be maintained in order to preserve the original policy intent. Utilizing Directed Acyclical Graphs (DAGs) to represent firewall policy, this paper will introduce a novel rule sorting technique. The technique is capable of considering sub-graphs of rules (inter-related by precedence constraints) and compare the advantage of placing and merging the rules that comprise them. Experimental results using a variety of policies will show that the proposed algorithm is able to find the optimal order in 98% of the example policies, which is substantially higher than other methods
-
Ashish Tapdiya and Errin W. Fulp Towards Optimal Firewall Rule Ordering Utilizing Directed Acyclical Graphs, In Proceedings of the IEEE International Conference on Computer Communications and Networks (ICCCN), 2009.
(Unhide
abstract & reference / Zusammenfassung und Referenz
einblenden)
-
- X.5 — Secure web browsing with the OP web browser?
-
Student/Bearbeiter: Taner Aydin; Supervisor/Betreuer: Benjamin Michéle
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)Current web browsers are plagued with vulnerabilities, providing hackers with easy access to computer systems via browser-based attacks. Browser security efforts that retrofit existing browsers have had limited success because the design of modern browsers is fundamentally flawed. To enable more secure web browsing, we design and implement a new browser, called the OP web browser, that attempts to improve the state-of-the-art in browser security. Our overall design approach is to combine operating system design principles with formal methods to design a more secure web browser by drawing on the expertise of both communities. Our overall design philosophy is to partition the browser into smaller subsystems and make all communication between subsystems simple and explicit. At the core of our design is a small browser kernel that manages the browser subsystems and interposes on all communications between them to enforce our new browser security features.
To show the utility of our browser architecture, we design and implement three novel security features. First, we develop novel and flexible security policies that allows us to include plugins within our security framework. Our policy removes the burden of security from plugin writers, and gives plugins the flexibility to use innovative network architectures to deliver content while still maintaining the confidentiality and integrity of our browser, even if attackers compromise the plugin. Second, we use formal methods to prove that the address bar displayed within our browser user interface always shows the correct address for the current web page. Third, we design and implement a browser-level information-flow tracking system to enable post-mortem analysis of browser-based attacks. If an attacker is able to compromise our browser, we highlight the subset of total activity that is causally related to the attack, thus allowing users and system administrators to determine easily which web site lead to the compromise and to assess the damage of a successful attack. To evaluate our design, we implemented OP and tested both performance and filesystem impact. To test performance, we measure latency to verify OP's performance penalty from security features are be minimal from a users perspective. Our experiments show that on average the speed of the OP browser is comparable to Firefox and the audit log occupies around 80KB per page on average
-
Chris Grier, Shuo Tang, and Samuel T. King, Secure web browsing with the OP web browser?, Proceedings of the 2008 IEEE Symposium on Security and Privacy (Oakland), May 2008
(Unhide
abstract & reference / Zusammenfassung und Referenz
einblenden)
-
- X.8 — Is Your Cat Infected with a Computer Virus?
-
Student/Bearbeiter: Meng Liu; Supervisor/Betreuer: Janis Danisevskis
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)RFID systems as a whole are often treated with suspicion, but the input data received from individual RFID tags is implicitly trusted. RFID attacks are currently conceived as properly formatted but fake RFID data; however no one expects an RFID tag to send a SQL injection attack or a buffer overflow. This paper is meant to serve as a warning that data from RFID tags can be used to exploit back-end software systems. RFID middleware writers must therefore build appropriate checks (bounds checking, special character filtering, etc..), to prevent RFID middleware from suffering all of the well-known vulnerabilities experienced by the Internet. Furthermore, as a proof of concept, this paper presents the first self-replicating RFID virus. This virus uses RFID tags as a vector to compromise backend RFID middleware systems, via a SQL injection attack.
-
Melanie R. Rieback, Bruno Crispo, Andrew S. Tanenbaum Is Your Cat Infected with a Computer Virus?, percom, pp. 169–179, Fourth IEEE International Conference on Pervasive Computing and Communications (PerCom'06), 2006
(Unhide
abstract & reference / Zusammenfassung und Referenz
einblenden)
-
- X.10 — Beware of BGP Attacks
-
Student/Bearbeiter: Kai Kai Yang; Supervisor/Betreuer: Jan Böttger
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)This note attempts to raise awareness within the network research community about the security of the interdomain routing infrastructure. We identify several attack objectives and mechanisms, assuming that one or more BGP routers have been compromised. Then, we review the existing and proposed countermeasures, showing that they are either generally ineffective (route filtering), or probably too heavyweight to deploy (S-BGP). We also review several recent proposals, and conclude by arguing that a significant research effort is urgently needed in the area of routing security.
-
Ola Nordstrom and Constantinos Dovrolis, Beware of BGP Attacks, ACM Computer Communications Review, April 2004
(Unhide
abstract & reference / Zusammenfassung und Referenz
einblenden)
-
- X.12 — Routing Security in Ad Hoc Networks
-
Student/Bearbeiter: Yu Han; Supervisor/Betreuer: Luigi Iannone
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)A mobile ad hoc network consists of a collection of wireless mobile nodes that are capable of communicating with each other without the use of a network infrastructure or any centralized administration. MANET is an emerging research area with practical applications. However, wireless MANET is particularly vulnerable due to its fundamental characteristics, such as open medium, dynamic topology, distributed cooperation, and constrained capability. Routing plays an important role in the security of the entire network. In general, routing security in wireless MANETs appears to be a problem that is not trivial to solve. In this article we study the routing security issues of MANETs, and analyze in detail one type of attack—the "black hole" problem—that can easily be employed against the MANETs. We also propose a solution for the black hole problem for ad hoc on-demand distance vector routing protocol
-
H Deng, W Li, DP Agrawal, Routing Security in Ad Hoc Networks, IEEE Communications Magazine, 2002
(Unhide
abstract & reference / Zusammenfassung und Referenz
einblenden)
-
- X.13 — Security Considerations for Peer-to-Peer Distributed Hash Tables
-
Student/Bearbeiter: Ullrich Pfefferlein; Supervisor/Betreuer: Gregor Schaffrath
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)Recent peer-to-peer research has focused on providing efficient hash lookup systems that can be used to build more complex systems. These systems have good properties when their algorithms are executed correctly but have not generally considered how to handle misbehaving nodes. This paper looks at what sorts of security problems are inherent in large peer-to-peer systems based on distributed hash lookup systems. We examine the types of problems that such systems might face, drawing examples from existing systems, and propose some design principles for detecting and preventing these problems.
-
Emil Sit and Robert Morris, Security Considerations for Peer-to-Peer Distributed Hash Tables, Lecture Notes in Computer Science, Springer Berlin / Heidelberg, Volume 2429/2002, pp. 261–269, Jan 2002
(Unhide
abstract & reference / Zusammenfassung und Referenz
einblenden)
-
- X.15 — Protecting DNS from Routing Attacks: A Comparison of Two Alternative Anycast Implementations
-
Student/Bearbeiter: Boran Quian; Supervisor/Betreuer: Ioannis Avramopoulos
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)DNS is a critical piece of the Internet supporting the majority of Internet applications. Because it is organized in a hierarchy, its correct operation is dependent on the availability of a small number of servers at the upper levels of the hierarchy. These \emph{backbone} servers are vulnerable to routing attacks in which adversaries controlling part of the routing system try to hijack the server address space. Using routing attacks in this way, an adversary can compromise the Internet's availability and integrity at a global scale. In this article, we evaluate the relative resilience to routing attacks of two alternative anycast implementations of DNS, the first operating at the network layer and the second operating at the application layer. Our evaluation informs fundamental DNS design decisions and an important debate on the routing architecture of the Internet.
-
Ioannis Avramopoulos, Martin Suchara, Protecting DNS from Routing Attacks: A Comparison of Two Alternative Anycast Implementations, IEEE Security and Privacy, 2009. IEEE computer Society Digital Library. IEEE Computer Society
(Unhide
abstract & reference / Zusammenfassung und Referenz
einblenden)
-
- X.19 — Shunting: A Hardware/Software Architecture for Flexible, High-Performance Network Intrusion Prevention
-
Student/Bearbeiter: Mikolaj Pawel Chwalisz; Supervisor/Betreuer: Luigi Iannone
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)Stateful, in-depth, inline traffic analysis for intrusion detection and prevention is growing increasingly more difficult as the data rates of modern networks rise. Yet it remains the case that in many environments, much of the traffic comprising a high-volume stream can, after some initial analysis, be qualified as of likely uninteresting. We present a combined hardware/software architecture, Shunting, that provides a lightweight mechanism for an intrusion prevention system (IPS) to take advantage of the heavy-tailed nature of network traffic to offload work from software to hardware.
The primary innovation of Shunting is the introduction of a simple in-line hardware element that caches rules for IP addresses and connection 5-tuples, as well as fixed rules for IP/TCP flags. The caches, using a highest-priority match, yield a per-packet decision: forward the packet; drop it; or divert it through the IPS. By manipulating cache entries, the IPS can specify what traffic it no longer wishes to examine, including directly blocking malicious sources or cutting through portions of a single flow once the it has had an opportunity to vet them, all on a fine-grained basis.
We have implemented a prototype Shunt hardware design using the NetFPGA 2 platform, capable of Gigabit Ethernet operation. In addition, we have adapted the Bro intrusion detection system to utilize the Shunt framework to offload less-interesting traffic. We evaluate the effectiveness of the resulting system using traces from three sites, finding that the IDS can use this mechanism to offload 55%-90% of the traffic, as well as gaining intrusion prevention functionality.
-
Jose Gonzalez, Vern Paxson, and Nicholas Weaver. Shunting: A Hardware/Software Architecture for Flexible, HighPerformance Network Intrusion Prevention, ACM CCS 2007
-
- X.25 — Secure Crash Reporting in Vehicular Ad hoc Networks
-
Student/Bearbeiter: Xiaokai He; Supervisor/Betreuer: Georgios Smaragdakis
(Hide abstract & reference / Zusammenfassung und Referenz ausblenden)We present AutoCore, an automated crash reporting application that uses VANETs (Vehicular Ad hoc NETworks) to provide authenticated digital video and telemetry data. This data is recorded by vehicles either involved in or at the scene of a crash and can be used by investigators to reconstruct the events that lead up to the crash. To secure this application, we present a security infrastructure that extends the state of the art in VANET security. In particular, the contributions of this infrastructure include (a) the concept of Road-worthiness Certificates, (b) use of these certificates in a practical scheme for the distribution of cryptographic vehicle credentials issued by regional transportation authorities, (c) a decentralized scheme for conditionally anonymous, inter-vehicle communication, (d) efficient support for the roaming of vehicles between different transportation authority jurisdictions and (e) an evaluation of our security infrastructure using AutoCore.
-
Sumair Ur Rahman and Urs Hengartner. Secure Crash Reporting in Vehicular Ad hoc Networks, Securecomm 2007
-
(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)
(Unhide abstract & reference / Zusammenfassung und Referenz einblenden)
FG SecT
- X.30 — Xen on arm: System virtualization using xen hypervisor for armbased secure mobile phones
-
Student/Bearbeiter: Seo Sangwon; Supervisor/Betreuer: Matthias Lange
see SECT seminar website for details. - X.36 — A Chipset Level Network Backdoor: Bypassing HostBased Firewall & IDS
-
Student/Bearbeiter: Andreas Schmidt-Dannert; Supervisor/Betreuer: Patrick Stewin
see SECT seminar website for details. - X.47 — Analyzing Information Flow in JavaScript-based Browser Extensions
-
Student/Bearbeiter: Julien Lironcourt; Supervisor/Betreuer: Jean-Pierre Seifert
see SECT seminar website for details. - X.50 — On Cellular Botnets: Measuring the Impact of Malicious Devices on a Cellular Network Core
-
Student/Bearbeiter: Loreto Felipe; Supervisor/Betreuer: Collin Mulliner
see SECT seminar website for details.
Agenda / Ablauf
Time/Zeit | Topic/Thema | Resources |
---|---|---|
Mi/Wed 24 Feb. 2010 | ||
12:30 – 12:35 | Welcoming | |
12:35 – 13:20 | Beware of BGP Attacks (Kai Kai Yang) | Ausarbeitung / Paper |
13:25 – 14:10 | Security Considerations for Peer-to-Peer Distributed Hash Tables (Ullrich Pfefferlein) | Ausarbeitung / Paper |
14:15 – 15:00 | Xen on arm: System virtualization using xen (Seo Sangwon) | Ausarbeitung / Paper |
15:00 – 15:15 | Break / Pause | |
15:15 – 16:00 | Secure web browsing with the OP web browser (Taner Aydin) | Ausarbeitung / Paper |
16:05 – 16:50 | Analyzing Information Flow in JavaScript-based Browser Extensions (Julien Lironcourt) | Ausarbeitung / Paper |
16:55 – 17:40 | Shunting: A Hardware/Software Architecture for Flexible, HighPerformance Network Intrusion Prevention (Mikolaj Pawel Chwalisz) | Ausarbeitung / Paper |
17:40 – 17:45 | End of day 1 | |
Fr/Fri 26 Feb. 2010 | ||
09:00 – 09:05 | Start of day 2 | |
09:10 – 09:50 | Routing Security in Ad Hoc Networks (Yu Han) | Ausarbeitung / Paper |
09:55 – 10:40 | Protecting DNS from Routing Attacks: A Comparison of Two Alternative Anycast Implementations (Boran Qian) | Ausarbeitung / Paper |
10:40 – 10:50 | Break / Pause | |
10:50 – 11:35 | Secure Crash Reporting in Vehicular Ad Hoc Networks (Xiaokai He) | Ausarbeitung / Paper |
11:40 – 12:25 | Towards Optimal Firewall Rule Ordering Utilizing Directed Acyclical Graphs (Jianhuang Liang) | Ausarbeitung / Paper |
12:25 – 13:30 | Break / Pause | |
13:30 – 14:15 | On Cellular Botnets: Measuring the Impact of Malicious Devices on a Cellular Network Core (Loreto Felipe) | Ausarbeitung / Paper |
14:20 – 15:05 | Routing Scalability (Haoran Bai) | Ausarbeitung / Paper |
15:05 – 15:30 | Wrap-up discussions and end of day 2 |
Literature / Literatur
The seminar treats recent publications from (among others)
the following conferences / bei dem Seminar werden aktuelle
Publikationen u.a. der folgenden Konferenzen behandelt:
SIGCOMM, IMC, PAM, Mobicom, P2P, NSDI, INFOCOM, CCS, NDSS, and Usenix
ATC.