lecture outline
play

Lecture Outline Protocols for detecting manipulation How to think - PowerPoint PPT Presentation

Feb 23, 2024 •252 likes •636 views

Lecture Outline Protocols for detecting manipulation How to think about architecture In general systems terms For security implications Tussles in architectures that affect multiple stakeholders Ethane: the

  1. Lecture Outline • Protocols for detecting manipulation • How to think about “architecture” – In general systems terms – For security implications • “Tussles” in architectures that affect multiple stakeholders • Ethane: the good and the could-have- been-better

  2. Detecting manipulation, con’t: … by destroying information an attacker needs … by creating information an attacker can’t destroy

  3. Bob Alice Alice wants to pair with Bob via D-H exchange.

  4. Alice Bob

  5. Bob Alice Mallory Charlie Charlie is a benign third party. Everyone can hear everyone else. Including Mallory. Mallory can cheat. Mallory wants Alice to mistakenly pair w/ Mallory.

  6. Alice Threat: Mallory answers before Bob has a chance to Bob

  7. Alice Bob Defense: Alice keeps doing protocol, rejects pairing if hears more than one

  8. Alice Bob Threat: Mallory jams Bob’s reply and Alice thinks only one was sent. This can happen for benign reasons (Charlie), so Alice doesn’t know it’s manipulation.

  9. Alice Bob Threat: Mallory swamps Bob’s reply w/ higher- powered responses

  10. Goal: tamper-evident pairing Alice can tell someone is messing with her attempt, and will try again later, until no evident tampering

  11. Idea: extend protocol with extra packet slots, some of which must be empty (silent) Long burst that ensures all legit sources will be quiet in the next slot

  12. Idea: extend protocol with extra packet slots, some of which must be empty (silent) Upon seeing this, Bob knows the protocol’s in effect

  13. Idea: extend protocol with extra packet slots, some of which must be empty (silent) Alice’s D-H data

  14. Idea: extend protocol with extra packet slots, some of which must be empty (silent) Alice reserves a bunch of packet slots

  15. Idea: extend protocol with extra packet slots, some of which must be empty (silent) Alice sends a hash of D-H data … … encoded as packet-sent = 1 bit, no-packet-sent = 0 bit

  16. Idea: extend protocol with extra packet slots, some of which must be empty (silent) Bob does the same for Bob’s D-H data

  17. Threat: Mallory sends early and now jams so Alice doesn’t know it’s manipulation. ? Bob’s reply so Alice thinks earlier one was the only one sent. Can happen for benign reasons (Charlie), Alice knows collision is violation of her slot reservation: tampering

  18. Threat: Mallory swamps ? Bob’s reply w/ higher- powered responses Bob will “step on” some of Mallory’s 0-bit hash slots due to Bob’s own hash having 1-bits in those slots … Alice will see that hash doesn’t match: tampering

  19. New threat: Mallory hash of nearly all 1-bits ? precomputes D-H data w/ a Solution: don’t directly encode 0/1 bits Instead: (something like) Manchester encoding : Encode 0 bit as 0 || 1 Encode 1 bit as 1 || 0

  20. Q’s before moving on to Architecture?

  21. Building this …

  22. … takes high-level thinking like this:

  23. Architecture • Engineering = “obtaining predictable & desirable behavior” • To engineer complex systems requires designing overarching structure – Abstractions – Placement of functionality – State management – Naming • Good architecture aligns mechanism with functionality/enforcement

  24. Architecture, con’t • High-level/abstract nature can make it hard to “get” • Has a flavor of “think outside the box”: in fact, “design the box” • In security, we’re used to intensely scrutinizing the box – Rather than stepping back to consider its design properties / how it could have been different ⇒ Ask questions!

  25. Abstractions? Policy-neutral, strongly- typed asynchronous events Employ filtering and reduction to balance processing load Connection-oriented (e.g. TCP bytestreams emphasized over packets) Self-describing log files linked together by opaque identifiers

  26. #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path conn #open 2016-07-13-16-16-57 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service durationorig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents #types time string addr port addr port enum string intervalcount count string bool bool count string count count count count set[string] 1324071333.493287 CHhAvVGS1DHFjwGM9 192.168.1.79 51880 131.159.21.1 22 tcp ssh 6.1593262669 2501 SF - - 0 ShAdDaFf25 3981 20 3549 - 1409516196.337184 ClEkJM2Vm5giqnMf4h 10.0.0.18 40184 128.2.6.88 41644 tcp ssh 2.0790713813 3633 SF - - 0 ShADadFf22 4965 26 5017 - 1419870189.485611 C4J4Th3PJpwUYZZ6gc 192.168.2.1 57189 192.168.2.158 22 tcp ssh 6.6417545253 3489 SF - - 0 ShADadFf38 7241 29 5005 - 1419870206.101883 CtPZjS20MLrsMUOJi2 192.168.2.1 57191 192.168.2.158 22 tcp ssh 3.862198576 813 SF - - 0 ShAdDaFf23 1784 16 1653 -

  27. #separator \x09 #set_separator , #empty_field (empty) #unset_field - #path ssh #open 2018-10-23-15-34-42 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p version auth_success auth_attempts direction client server cipher_alg mac_alg compression_alg kex_alg host_key_alg host_key #types time string addr port addr port count bool count enum string string string string string string string string 1324071333.792887 CHhAvVGS1DHFjwGM9 192.168.1.79 51880 131.159.21.1 22 2 - 0 - SSH-2.0- OpenSSH_5.9 SSH-2.0-OpenSSH_5.8 aes128-ctr hmac-md5 zlib@openssh.com ecdh-sha2-nistp256 ecdsa-sha2-nistp256 a7:26:62:3f:75:1f:33:8a:f3:32:90:8b:73:fd:2c:83 1409516196.413240 ClEkJM2Vm5giqnMf4h 10.0.0.18 40184 128.2.6.88 41644 2 T 1 - SSH-2.0- OpenSSH_6.6 SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1 aes128-ctr hmac-md5none ecdh-sha2-nistp256 ssh-rsa 8a:8d:55:28:1e:71:04:99:94:43:22:89:e5:ff:e9:03 1419870189.489202 C4J4Th3PJpwUYZZ6gc 192.168.2.1 57189 192.168.2.158 22 2 T 3 - SSH-2.0- OpenSSH_6.2 SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 aes128-ctr hmac-md5-etm@openssh.com none diffie-hellman-group-exchange-sha256 ssh-rsa 28:78:65:c1:c3:26:f7:1b:65:6a:44:14:d0:04:8f:b3

  28. Opaque identifier for linking #separator \x09 #set_separator , to other logs associated w/ #empty_field (empty) same connection #unset_field - #path conn #open 2016-07-13-16-16-57 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service durationorig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents #types time string addr port addr port enum string intervalcount count string bool bool count string count count count count set[string] 1324071333.493287 CHhAvVGS1DHFjwGM9 192.168.1.79 51880 131.159.21.1 22 tcp ssh 6.1593262669 2501 SF - - 0 ShAdDaFf25 3981 20 3549 - 1409516196.337184 ClEkJM2Vm5giqnMf4h 10.0.0.18 40184 128.2.6.88 41644 tcp ssh 2.0790713813 3633 SF - - 0 ShADadFf22 4965 26 5017 - 1419870189.485611 C4J4Th3PJpwUYZZ6gc 192.168.2.1 57189 192.168.2.158 22 tcp ssh 6.6417545253 3489 SF - - 0 ShADadFf38 7241 29 5005 - 1419870206.101883 CtPZjS20MLrsMUOJi2 192.168.2.1 57191 192.168.2.158 22 tcp ssh 3.862198576 813 SF - - 0 ShAdDaFf23 1784 16 1653 -

  29. #separator \x09 #set_separator , #empty_field (empty) Same identifier #unset_field - #path ssh #open 2018-10-23-15-34-42 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p version auth_success auth_attempts direction client server cipher_alg mac_alg compression_alg kex_alg host_key_alg host_key #types time string addr port addr port count bool count enum string string string string string string string string 1324071333.792887 CHhAvVGS1DHFjwGM9 192.168.1.79 51880 131.159.21.1 22 2 - 0 - SSH-2.0- OpenSSH_5.9 SSH-2.0-OpenSSH_5.8 aes128-ctr hmac-md5 zlib@openssh.com ecdh-sha2-nistp256 ecdsa-sha2-nistp256 a7:26:62:3f:75:1f:33:8a:f3:32:90:8b:73:fd:2c:83 1409516196.413240 ClEkJM2Vm5giqnMf4h 10.0.0.18 40184 128.2.6.88 41644 2 T 1 - SSH-2.0- OpenSSH_6.6 SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1 aes128-ctr hmac-md5none ecdh-sha2-nistp256 ssh-rsa 8a:8d:55:28:1e:71:04:99:94:43:22:89:e5:ff:e9:03 1419870189.489202 C4J4Th3PJpwUYZZ6gc 192.168.2.1 57189 192.168.2.158 22 2 T 3 - SSH-2.0- OpenSSH_6.2 SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 aes128-ctr hmac-md5-etm@openssh.com none diffie-hellman-group-exchange-sha256 ssh-rsa 28:78:65:c1:c3:26:f7:1b:65:6a:44:14:d0:04:8f:b3

  30. Placement of functionality? Layered design with instructions/control passed “down” and data stream flowing “up” Security analysis only occurs at script layer

  31. State management? Stateless, other than BPF filter.

  32. State management? Per-flow protocol state. Managed using reference-counting.

  33. State management? Extensive long-lived state kept in script variables. Expiration either via explicit “delete” or timer- driven (delta T after creation/read/write).

  34. State management? Even longer-lived state resides on disk … ... Or, today, in a “data lake” such as Splunk/Elastic.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

18.175: Lecture 4 Integration Scott Sheffield MIT 1 18.175 Lecture 4 Outline Integration

18.175: Lecture 4 Integration Scott Sheffield MIT 1 18.175 Lecture 4 Outline Integration

18.175: Lecture 4 Integration Scott Sheffield MIT 1 18.175 Lecture 4 Outline Integration Expectation 2 18.175 Lecture 4 Outline Integration Expectation 3 18.175 Lecture 4 Recall definitions Probability space is triple ( , F , P ) where

451 views • 11 slides
Lecture Outline Regeltechniek Previous lecture: Stability and transient response. Lecture 4

Lecture Outline Regeltechniek Previous lecture: Stability and transient response. Lecture 4

Lecture Outline Regeltechniek Previous lecture: Stability and transient response. Lecture 4 Basics of Feedback Control Robert Babu ska Today: Steady-state response. Delft Center for Systems and Control Faculty of Mechanical

388 views • 7 slides
Lecture Outline Regeltechniek Previous lecture: Nyquist plot and stability criterion. Lecture 11

Lecture Outline Regeltechniek Previous lecture: Nyquist plot and stability criterion. Lecture 11

Lecture Outline Regeltechniek Previous lecture: Nyquist plot and stability criterion. Lecture 11 State-space models and state feedback control (We are finished with frequency domain methods.) Robert Babu ska Today: Delft Center for

452 views • 6 slides
Lecture Outline Regeltechniek Lecture 1 Introduction Information about the course.

Lecture Outline Regeltechniek Lecture 1 Introduction Information about the course.

Lecture Outline Regeltechniek Lecture 1 Introduction Information about the course. Robert Babu ska Why is control essential. Delft Center for Systems and Control Faculty of Mechanical Engineering Basic elements of feedback.

403 views • 11 slides
Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, stability, stability

Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, stability, stability

Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, stability, stability margins. Lecture 9 Lead and Lag Compensators Robert Babu ska Today: PID controller design. Delft Center for Systems and Control Faculty

447 views • 8 slides
Lecture Outline Systeem- en Regeltechniek II Previous lecture: PID controller design, lead and

Lecture Outline Systeem- en Regeltechniek II Previous lecture: PID controller design, lead and

Lecture Outline Systeem- en Regeltechniek II Previous lecture: PID controller design, lead and lag compen- Lecture 10 Nyquist plot and stability criterium sators. Robert Babu ska Today: Delft Center for Systems and Control Nyquist

444 views • 7 slides
18.175: Lecture 17 Poisson random variables Scott Sheffield MIT 18.175 Lecture 16 1 Outline More

18.175: Lecture 17 Poisson random variables Scott Sheffield MIT 18.175 Lecture 16 1 Outline More

18.175: Lecture 17 Poisson random variables Scott Sheffield MIT 18.175 Lecture 16 1 Outline More on random walks and local CLT Poisson random variable convergence Extend CLT idea to stable random variables 18.175 Lecture 16 2 Outline More on

225 views • 21 slides
Semantics & Verification Lecture 13 Gerd Behrmann Outline of remaining lectures Lecture

Semantics & Verification Lecture 13 Gerd Behrmann Outline of remaining lectures Lecture

Semantics & Verification Lecture 13 Gerd Behrmann Outline of remaining lectures Lecture 9: Modelling real time system Lecture 10: More on Uppaal + mini projects Lecture 11: Mini projects Lecture 12: Verification of timed

589 views • 31 slides
Semantics & Verification Lecture 14 Gerd Behrmann Outline of remaining lectures Lecture

Semantics & Verification Lecture 14 Gerd Behrmann Outline of remaining lectures Lecture

Semantics & Verification Lecture 14 Gerd Behrmann Outline of remaining lectures Lecture 9: Modelling real time system Lecture 10: More on Uppaal + mini projects Lecture 11: Mini projects Lecture 12: Verification of timed

779 views • 42 slides
Lecture Outline Regeltechniek Previous lecture: representation of dynamic models, transfer func-

Lecture Outline Regeltechniek Previous lecture: representation of dynamic models, transfer func-

Lecture Outline Regeltechniek Previous lecture: representation of dynamic models, transfer func- Lecture 3 Stability analysis and transient response tions and state-space models. Robert Babu ska Today: Delft Center for Systems and

266 views • 8 slides
Lecture 2 (I ): Lecture 2 (I ): Pipelining & Retiming Pipelining & Retiming

Lecture 2 (I ): Lecture 2 (I ): Pipelining & Retiming Pipelining & Retiming

Lecture 2 (I ): Lecture 2 (I ): Pipelining & Retiming Pipelining & Retiming Hsie-Chia Chang E-mail : hcchang@mail.nctu.edu.tw Fall 2006 Outline Outline Pipelining of FI R Digital filters Data-Broadcast Structures

453 views • 28 slides
15-780 Graduate AI: Lecture 1: Introduction and Logistics J. Zico Kolter (this lecture),

15-780 Graduate AI: Lecture 1: Introduction and Logistics J. Zico Kolter (this lecture),

15-780 Graduate AI: Lecture 1: Introduction and Logistics J. Zico Kolter (this lecture), Nihar Shah Carnegie Mellon University Spring 2020 1 Outline What is Artificial Intelligence? A brief history of AI Course logistics 2 Outline

580 views • 36 slides
Lecture Outline Regeltechniek Previous lecture: Root locus, frequency response derivation.

Lecture Outline Regeltechniek Previous lecture: Root locus, frequency response derivation.

Lecture Outline Regeltechniek Previous lecture: Root locus, frequency response derivation. Lecture 7 Frequency Response, Bode Plots Robert Babu ska Today: Handout for the remaining computer sessions. Delft Center for Systems and

332 views • 6 slides
Lecture Outline Systeem- en Regeltechniek II Previous lecture: The root locus method, analysis,

Lecture Outline Systeem- en Regeltechniek II Previous lecture: The root locus method, analysis,

Lecture Outline Systeem- en Regeltechniek II Previous lecture: The root locus method, analysis, design. Lecture 6 Root Locus, Frequency Response Robert Babu ska Today: Remarks on the computer session. Delft Center for Systems and

226 views • 6 slides
Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, non-minimum-phase

Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, non-minimum-phase

Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, non-minimum-phase systems. Lecture 8 Frequency Domain Design Robert Babu ska Today: Bodes gain-phase relation. Delft Center for Systems and Control

109 views • 7 slides
Outline of the lecture Outline of the lecture Inequality and income The inverted-U

Outline of the lecture Outline of the lecture Inequality and income The inverted-U

Questions that we will discuss today Take historically given an initial distribution of assets, but then Inequality and Development Week 10 T k hi i ll i i i i l di ib i f b h ask the question: March 12 Do inequalities

180 views • 16 slides
What is tamperproofing? Ensure that a program executes as intended, even in the presence of an

What is tamperproofing? Ensure that a program executes as intended, even in the presence of an

What is tamperproofing? Ensure that a program executes as intended, even in the presence of an adversary who tries to disrupt, monitor, or change the execution. A tamperproofing algorithm 1 makes tampering difficult 1/78 What is

1.84k views • 147 slides
Security Analysis of India's Electronic Voting Systems Scott Wolchok, Wustrow, Halderman (UMich),

Security Analysis of India's Electronic Voting Systems Scott Wolchok, Wustrow, Halderman (UMich),

Security Analysis of India's Electronic Voting Systems Scott Wolchok, Wustrow, Halderman (UMich), Hari K. Prasad, Kankipati, Sakhamuri, Yagati (NetIndia), Rop Gonggrijp "Reaffirm it's belief in the infallibility of the EVMs" Goals

1.02k views • 53 slides
Engineering Code Obfuscation ISSISP 2017 - Tamperproofing Christian Collberg Department of

Engineering Code Obfuscation ISSISP 2017 - Tamperproofing Christian Collberg Department of

Engineering Code Obfuscation ISSISP 2017 - Tamperproofing Christian Collberg Department of Computer Science University of Arizona http://collberg.cs.arizona.edu collberg@gmail.com Supported by NSF grants 1525820 and 1318955 and by the

345 views • 12 slides
ACR 3413 BASIC STRUCTURAL ENGINEERING 3 Lecture 1 Univers rsit ity y Putra a Malaysia ysia

ACR 3413 BASIC STRUCTURAL ENGINEERING 3 Lecture 1 Univers rsit ity y Putra a Malaysia ysia

ACR 3413 BASIC STRUCTURAL ENGINEERING 3 Lecture 1 Univers rsit ity y Putra a Malaysia ysia - Communication - Talk to Architect, M&E Engineer and Other Consultants of their Requirements Item Verti tical Load {V} Horizon zonta tal

572 views • 40 slides
Security aid in producing vulnerability free code (bounds primary topic of the paper for today

Security aid in producing vulnerability free code (bounds primary topic of the paper for today

Security aid in producing vulnerability free code (bounds primary topic of the paper for today protect code from people with access to hardware checking, no-execute bit) aid in producing vulnerability free code (bounds secondary topic of the

193 views • 18 slides
Inference in Belief Networks CMPUT 366: Intelligent Systems P&M 8.4 Lecture Outline

Inference in Belief Networks CMPUT 366: Intelligent Systems P&M 8.4 Lecture Outline

Inference in Belief Networks CMPUT 366: Intelligent Systems P&M 8.4 Lecture Outline 1. Recap 2. Factors 3. Variable Elimination 4. Efficiency Recap: Belief Networks Definition: A belief network (or Bayesian network )

1.27k views • 23 slides
Efficient Leakage-Resilient Secret Sharing Peihan Miao Akshayaram Srinivasan Prashant Nalini

Efficient Leakage-Resilient Secret Sharing Peihan Miao Akshayaram Srinivasan Prashant Nalini

Efficient Leakage-Resilient Secret Sharing Peihan Miao Akshayaram Srinivasan Prashant Nalini Vasudevan UC Berkeley Secret Sharing [Shamir 79, Blakley 79] Share 1 , , Reconstruction: Given at least

1.45k views • 20 slides
Lessons from Star Wars Adam Shostack @adamshostack Agenda What is threat modeling? A

Lessons from Star Wars Adam Shostack @adamshostack Agenda What is threat modeling? A

Threat Modeling: Lessons from Star Wars Adam Shostack @adamshostack Agenda What is threat modeling? A simple approach to threat modeling Top 10 lessons Learning more What is threat modeling? A SIMPLE APPROACH TO THREAT

606 views • 41 slides

More recommend