14
play

14 Introduction Introduction Bad guys can put malware into - PDF document

Introduction Introduction source Encapsulation ISO/OSI reference model message M application segment H t H t M transport network datagram H n H n H t M presentation: allow applications to frame link H l H n H t M interpret


  1. Introduction Introduction source Encapsulation ISO/OSI reference model message M application segment H t H t M transport network datagram H n H n H t M  presentation: allow applications to frame link H l H n H t M interpret meaning of data, e.g., application physical encryption, compression, machine- link presentation specific conventions physical session  session : synchronization, switch checkpointing, recovery of data transport exchange network  Internet stack “missing” these destination H n H t network M link layers! link H l H n H t M application M H n H t M physical physical H t transport  these services, if needed, must M network H n H t M be implemented in application router link H l H n H t M  needed? physical CSE Department CSE Department 79 80 Introduction Introduction Why layering? Roadmap Dealing with complex systems:  What is the Internet?  explicit structure allows identification,  Network edge relationship of complex system’s pieces  end systems, access networks, links  layered reference model for discussion  Network core  modularization eases maintenance, updating of  circuit switching, packet switching, network system structure  change of implementation of layer’s service  Delay, loss and throughput in packet- transparent to rest of system switched networks  e.g., change in gate procedure doesn’t affect  Protocol layers, service models rest of system  Networks under attack: security  History Is layering considered harmful? CSE Department CSE Department 81 82 Introduction Introduction Bad guys can put malware into Network Security hosts via Internet  The field of network security is about:  Malware can get in host from a virus, worm, or  how bad guys can attack computer networks trojan horse.  how we can defend networks against attacks  Spyware malware can record keystrokes, web  how to design architectures that are immune to sites visited, upload info to collection site. attacks  Internet not originally designed with  Infected host can be enrolled in a botnet, used (much) security in mind for spam and DDoS attacks.  original vision: “a group of mutually trusting users attached to a transparent network”   Malware is often self-replicating: from an  Internet protocol designers playing “catch - up” infected host, seeks entry into other hosts  Security considerations in all layers! CSE Department CSE Department 83 84 14

  2. Introduction Introduction Bad guys can put malware into Example: 震荡波蠕虫病毒 hosts via Internet  Trojan horse  Worm: 破坏方式  Hidden part of some  infection by passively otherwise useful receiving object that gets software itself executed  Today often on a Web  self- replicating: propagates 具体技术特征 page (Active-X, plugin) to other hosts, users  Virus Sapphire Worm: aggregate scans/sec  infection by receiving in first 5 minutes of outbreak (CAIDA, UWisc data) object (e.g., e-mail attachment), actively executing  self-replicating: propagate itself to other hosts, users CSE Department CSE Department 85 86 Introduction Introduction Bad guys can attack servers and The bad guys can sniff packets network infrastructure Packet sniffing:  Denial of service (DoS): attackers make resources (server, bandwidth) unavailable to legitimate traffic  broadcast media (shared Ethernet, wireless) by overwhelming resource with bogus traffic  promiscuous network interface reads/records all packets (e.g., including passwords!) passing by select target 1. 2. break into hosts C A around the network (see botnet) 3. send packets toward src:B dest:A payload target from target B compromised hosts  Wireshark software used for end-of-chapter labs is a (free) packet-sniffer CSE Department CSE Department 87 88 Introduction Introduction The bad guys can use false source The bad guys can record and addresses playback  IP spoofing: send packet with false source address  record-and-playback : sniff sensitive info (e.g., password), and use later A C  password holder is that user from system point of view src:B dest:A payload C B A src:B dest:A user: B; password: foo B CSE Department CSE Department 89 90 15

  3. Introduction Introduction Roadmap Internet History  What is the Internet?  Network edge  end systems, access networks, links  Network core  circuit switching, packet switching, network structure  Delay, loss and throughput in packet- switched networks  Protocol layers, service models  Networks under attack: security  History CSE Department CSE Department 91 92 Introduction Introduction Internet History Internet History 1961-1972: Early packet-switching principles 1972-1980: Internetworking, new and proprietary nets  1970: ALOHAnet satellite Cerf and Kahn’s internetworking  1961: Kleinrock - queueing  1972: network in Hawaii principles: theory shows  ARPAnet public demonstration  1974: Cerf and Kahn -  minimalism, autonomy - no effectiveness of packet-  NCP (Network Control Protocol) architecture for internal changes required switching interconnecting networks to interconnect networks first host-host protocol  1964: Baran - packet-  best effort service model  1976: Ethernet at Xerox  first e-mail program switching in military nets  stateless routers PARC  ARPAnet has 15 nodes  1967: ARPAnet conceived  decentralized control  late70’s: proprietary by Advanced Research architectures: DECnet, SNA, define today’s Internet architecture XNA Projects Agency  late 70’s: switching fixed  1969: first ARPAnet node Ancestor of length packets (ATM operational precursor) the Internet  1979: ARPAnet has 200 nodes CSE Department CSE Department 93 94 Introduction Introduction Internet History Xerox PARC 1980-1990: new protocols, a proliferation of networks  laser printing 图形用户接口( GUI )  1983: deployment of  new national networks: 鼠标  Ethernet TCP/IP Csnet, BITnet, 个人电脑  the modern personal NSFnet, Minitel  1982: SMTP e-mail Windows 下拉菜单 computer protocol defined  100,000 hosts 静电复印机  graphical user connected to  1983: DNS defined 普通纸复印机 interface (GUI) and confederation of for name-to-IP- 以太局域网系统 desktop paradigm networks address translation 桌面传真机  object-oriented 彩色复印机  1985: FTP protocol programming 激光打印机 defined  ubiquitous computing  1988: TCP congestion control CSE Department CSE Department 95 96 16

  4. Introduction Introduction dot-com bubble Internet History Internet History 1995-2000 1990, 2000’s: commercialization, the Web, new apps 2007:  Early 1990’s: ARPAnet Late 1990’s – 2000’s:  ~500 million hosts decommissioned Online social  more killer apps: instant  Voice, Video over IP networks  1991: NSF lifts restrictions on messaging, P2P file sharing commercial use of NSFnet  P2P applications: BitTorrent  network security to (decommissioned, 1995) (file sharing) Skype (VoIP), forefront  early 1990s: Web Cloud computing PPLive (video)  est. 50 million host, 100  hypertext [Bush 1945, Nelson million+ users  more applications: YouTube, 1960’s]  backbone links running at gaming  HTML, HTTP: Berners-Lee Gbps Internet of Things  wireless, mobility  1994: Mosaic, later Netscape  late 1990’s: commercialization of the Web European Organization for Nuclear Research CSE Department CSE Department 97 98 Introduction Introduction: Summary Covered a “ton” of materials! You now have:  Internet overview  context, overview,  what’s a protocol? “feel” of networking  network edge, core, access  more depth, detail to network follow!  packet-switching versus circuit-switching  Internet structure  performance: loss, delay, throughput  layering, service models  security  history CSE Department 99 17

Recommend


More recommend