ludus project
play

Ludus project: Securing your router with GT Kalin Ivanov & - PowerPoint PPT Presentation

Dec 18, 2022 •464 likes •708 views

Ludus project: Securing your router with GT Kalin Ivanov & Ondej Luk www.stratosphereips.org/ludus Stratosphere Lab Cybersecurity Part of AIC https://www.stratosphereips.org/ @StratosphereIPS @ondrej_lukas @StratoLudus

  1. Ludus project: Securing your router with GT Kalin Ivanov & Ondřej Lukáš www.stratosphereips.org/ludus

  2. Stratosphere Lab ● Cybersecurity Part of AIC ● https://www.stratosphereips.org/ @StratosphereIPS @ondrej_lukas @StratoLudus ● ludus@aic.f el.cvut.cz - Offjcial Ludus contact ● www.stratosphereips.org/ludus @RealKalin

  3. Plan ● Why Ludus? ● Defense as a game ● Collaborative defense ● External Security Metric ● Ludus tool

  4. Motivation and Goals of Ludus ● Collaboration with and TAČR ● Model attackers´ behaviour and use it to create better defense ● Protect users against attacks from the Internet ● Use honeypots in smart way ● Design External Metrics to capture the Security level of devices

  5. Honeypots in Ludus ● TARPIT - iptables module ● Honeypot as a Service* ● Minipot (Telnet) ● Extendable! * More infotion at https://haas.nic.cz/

  6. Troubles with Honeypots ● Where to put them?! ● Static and predictable ● How to use the data? ● Bringing your device in the spotlight?!

  9. Troubles with Honeypots ● Where to put them?! ● Static and predictable ● How to use the data? ● Bringing your device in the spotlight?!

  10. Do you want to play a game?

  11. Model of Attackers’ behaviour Change Change only both ports Change either port or IP 95% of points Change only IPs

  12. Game-Theoretical Approach ● ● Model attacks as a game Minimize attacker’s utility ● ● Find the optimal strategy Save resources

  13. Joining Forces with Others ● Information Sets ⇒ less information for ⇒ lower utility ● Constraints in number of honeypots

  14. Solving the game ● 2 65536 actions per router ● Finding equilibria in full game: NP-hard ● Simplification: ○ Zero-sum game(u attacker = -u defender ) ○ Limited number of port combinations (+ Nearest neighbour) ⇒ Linear program (solvable in P w.r.t. game tree size)

  15. You can’t manage what you can’t measure

  16. Data 2 Types: 1. Packet metadata 2. Suricata alert data Suricata signatures 1| Not Suspicious Traffic 2| Unknown Traffic 3| Potentially Bad Traffic 4| Attempted Information Leak 5| Information Leak 6| Large Scale Information Leak 7| Attempted Denial of Service 8| Denial of Service

  17. Dashboards Local dashboard for each user Publicly AAA Data (Anonymized, Aggregated, Available) Check out the public Kibana visualizations:

  18. Metrics ● Overall Security ● Honeypots/Production Ports ● Entropy of attack

  19. Example

  20. Example

  21. Example https://www.shodan.io/

  22. Ludus tool

  23. Ludus tool ● fully automated ● adapts and updates strategies ● anonymizes and visualizes data ● turris package: ludus https://doc.turris.cz/doc/cs/howto/installation https://github.com/stratosphereips/Ludus

  24. Q&A Thanks for your attention! @ondrej_lukas @RealKalin lukasond@fel.cvut.cz ivanokal@fel.cvut.cz https://www.stratosphereips.org/ludus

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Gladiators Terms! Editor Munerarius Lanista Ludus vs. ludi Infamia:

Gladiators Terms! Editor Munerarius Lanista Ludus vs. ludi Infamia:

Gladiators Terms! Editor Munerarius Lanista Ludus vs. ludi Infamia: one marked by infamia cannot serve in the army, vote for magistrates or on laws, serve on juries, can be tortured and killed. Auctoratio:

623 views • 19 slides
Introduction to Service Robotics Application development with ludus.russo@gmail.com

Introduction to Service Robotics Application development with ludus.russo@gmail.com

Introduction to Service Robotics Application development with ludus.russo@gmail.com http://www.hotblackrobotics.com/ http://www.ludusrusso.cc/ 1 Ludovico Russo, Gabriele Ermacora May 2017 Robotics Fields - Industrial Robotics 2 Ludovico

974 views • 74 slides
Project Project Project Evolution of project Structured Collaborative Project Unstructured

Project Project Project Evolution of project Structured Collaborative Project Unstructured

Alain Fournier Presentation: Project Management Tools for Increasing Project Success! Alain is a Project and Portfolio Management Solutions Executive with Microsoft Canada specializing in Cloud Productivity Solutions Have over 20 years of

428 views • 21 slides
evaluations An unsuccessful project? An unsuccessful project? An unsuccessful project? A

evaluations An unsuccessful project? An unsuccessful project? An unsuccessful project? A

Effective post project evaluations An unsuccessful project? An unsuccessful project? An unsuccessful project? A successful project? Agenda for today Who are LCMB? The context for post project evaluation The project lifecycle Post project

476 views • 32 slides
BPR4GDPR Project Presentation Project ID Project acronym: BPR4GDPR Project title:

BPR4GDPR Project Presentation Project ID Project acronym: BPR4GDPR Project title:

BPR4GDPR Project Presentation Project ID Project acronym: BPR4GDPR Project title: Business Process Re-engineering and functional toolkit for GDPR compliance Contract number: 787149 Funded under the H2020 call DS-08-2017

421 views • 22 slides
HIT MODERNIZATION PROJECT HHS // IHS HIT Modernization Project PROJECT PURPOSE The HHS IHS HIT

HIT MODERNIZATION PROJECT HHS // IHS HIT Modernization Project PROJECT PURPOSE The HHS IHS HIT

HHS // IHS HIT MODERNIZATION PROJECT HHS // IHS HIT Modernization Project PROJECT PURPOSE The HHS IHS HIT Modernization Project is sponsored by the U.S. Department of Health and Human Services Office of the Chief Technology Officer (HHS OCTO)

712 views • 13 slides
NORTH FORK BIOENERGY PROJECT PROJECT STATUS Project Overview Project Team and Organization

NORTH FORK BIOENERGY PROJECT PROJECT STATUS Project Overview Project Team and Organization

2 nd Annual Rural Community Development Initiative Capacity Building and Wood Utilization Workshop NORTH FORK BIOENERGY PROJECT PROJECT STATUS Project Overview Project Team and Organization Major Milestones Accomplishments

631 views • 12 slides
2013 Project Excellence Awards Project Requirements In-house design project Project

2013 Project Excellence Awards Project Requirements In-house design project Project

2013 Project Excellence Awards Project Requirements In-house design project Project constructed or near completion Judging Criteria Unique design considerations Constructability Post-construction performance Stakeholder

682 views • 29 slides
This project goes under eight different steps. This project goes under eight different steps.

This project goes under eight different steps. This project goes under eight different steps.

This project goes under eight different steps. This project goes under eight different steps. Chapter One: The first step is about narrating some facts, by which my project and research were based on. Egypt is located in north east africa,

690 views • 46 slides
Agenda 1. Introductions 2. Sign-in 3. Project Location 4. Project Background 5. POE

Agenda 1. Introductions 2. Sign-in 3. Project Location 4. Project Background 5. POE

Agenda 1. Introductions 2. Sign-in 3. Project Location 4. Project Background 5. POE Drainage Alternatives 6. Project Benefits 7. Open Forum 8. Adjourn Project Location Project Background ASCG Inc. completed a Project Development

321 views • 15 slides
Trees Algorithms CSE 373 SU 18 BEN JONES 1 Announcements - Project 3 Due Tonight - Project

Trees Algorithms CSE 373 SU 18 BEN JONES 1 Announcements - Project 3 Due Tonight - Project

Minimum Spanning Data Structures and Trees Algorithms CSE 373 SU 18 BEN JONES 1 Announcements - Project 3 Due Tonight - Project 4 Assigned Today - Same partners as project 3 - We will re-run project 3 grading on project 4, just like the

704 views • 59 slides
Presentation Agenda Project History/Background Project Overview Current Project Status

Presentation Agenda Project History/Background Project Overview Current Project Status

Presentation Agenda Project History/Background Project Overview Current Project Status Project Opportunities 1 1 Pre-Solicitation Conference June 2018 www.newnicebridge.com 2 Welcome and Introductions Project Team MDTA

776 views • 38 slides
1 We will begin with some background information on the project. We will then talk about why we

1 We will begin with some background information on the project. We will then talk about why we

Welcome. My name is Mark Frechette. I am the project director for the New York State Department of Transportations (NYSDOT) I 81 Viaduct Project. Thank you for being here tonight. The project team has been working hard and we are excited to

548 views • 39 slides
PROJECT INFORMATION SESSION May 14, 2020 TOPICS TO COVER Project Purpose Project

PROJECT INFORMATION SESSION May 14, 2020 TOPICS TO COVER Project Purpose Project

WETLAND & RIPARIAN INVENTORIES FOR UGB EXPANSION AREAS PROJECT INFORMATION SESSION May 14, 2020 TOPICS TO COVER Project Purpose Project Approach Who is Involved What is Needed to Make it Happen How the Project Will

581 views • 46 slides
I-84 Danbury Project Project Advisory Committee (PAC) Meeting No. 3 September 24, 2019 0

I-84 Danbury Project Project Advisory Committee (PAC) Meeting No. 3 September 24, 2019 0

I-84 Danbury Project Project Advisory Committee (PAC) Meeting No. 3 September 24, 2019 0 Agenda PAC Membership and Recap of Outreach Efforts Perspective Gathering Exercise Project Need Project Need Check-in Project Purpose

940 views • 54 slides
ORMONDE MINING BARRUECOPARDO TUNGSTEN PROJECT Project Permitted Project Funded Project

ORMONDE MINING BARRUECOPARDO TUNGSTEN PROJECT Project Permitted Project Funded Project

ORMONDE MINING BARRUECOPARDO TUNGSTEN PROJECT Project Permitted Project Funded Project Upside Mar 2017 1 ORMONDE MINING Disclaimer The content of this document has not been approved by an authorised person within the meaning of the

712 views • 21 slides
Offshore Structures Oil Rigs Offshore Platforms Stationed Platform FPSO Wind Turbines Over

Offshore Structures Oil Rigs Offshore Platforms Stationed Platform FPSO Wind Turbines Over

Offshore Structures Oil Rigs Offshore Platforms Stationed Platform FPSO Wind Turbines Over bridges Offshore Structure Typical Layout Figure : Typical Corrosion rate of steel in offshore condition Atmospheric zone : Above splash zone,

560 views • 30 slides
Regression Pitfalls Pitfall Noun: A hidden or unsuspected danger or difficulty. A covered pit

Regression Pitfalls Pitfall Noun: A hidden or unsuspected danger or difficulty. A covered pit

ST 430/514 Introduction to Regression Analysis/Statistics for Management and the Social Sciences II Regression Pitfalls Pitfall Noun: A hidden or unsuspected danger or difficulty. A covered pit used as a trap. Multiple regression is a widely

717 views • 17 slides
110 Rules for Prometheus Brian Brazil Founder Rule 110 110 Rules for Prometheus Brian Brazil

110 Rules for Prometheus Brian Brazil Founder Rule 110 110 Rules for Prometheus Brian Brazil

110 Rules for Prometheus Brian Brazil Founder Rule 110 110 Rules for Prometheus Brian Brazil Founder Who am I? One of the core developers of Prometheus Founder of Robust Perception Primary author of Reliable Insights blog

443 views • 16 slides
Opening remarks Strucure of presentation I believe that the exercise of public consultation,

Opening remarks Strucure of presentation I believe that the exercise of public consultation,

Gas barrier Possible hotspot Proposed relocation of Ysgol John Bright, Llandudno, Conwy Peer review on behalf of Active ventilation Passive gas North Wales Health Authority ventilation with Passive gas of risk assessment dynamic

296 views • 7 slides
1 Limits of a LAN One shared LAN can limit us in terms of: Distance Max Ethernet

1 Limits of a LAN One shared LAN can limit us in terms of: Distance Max Ethernet

Lecture 6: Bridging & Switching CSE 123: Computer Networks Chris Kanich Project 1 countdown: 5 days Last time How do multiple hosts share a single channel? Medium Access Control (MAC) protocols Channel partitioning

437 views • 9 slides
Applications: A Selective Text-Based vs. Multimedia Retransmission Protocol Text for

Applications: A Selective Text-Based vs. Multimedia Retransmission Protocol Text for

Applications: A Selective Text-Based vs. Multimedia Retransmission Protocol Text for Multimedia on the Strict loss constraints Internet Minimal timing constraints Mike Piecuch , Ken French, George Oprica and Mark Claypool

153 views • 3 slides
Shake Box Project Connecting Shake Box to a Linux Computer Presentation ShakeBox in Action

Shake Box Project Connecting Shake Box to a Linux Computer Presentation ShakeBox in Action

Shake Box Project Connecting Shake Box to a Linux Computer Presentation ShakeBox in Action Presented from: Rashid Siddiqui Glen Hockett Bin Tang Dated: 7-2-2014 Project Description: Currently Shake Box is working with Windows XP and

561 views • 39 slides
Using FPGA for driver testing Marek Va sut < marex@denx.de > October 5, 2015 Marek Va

Using FPGA for driver testing Marek Va sut < marex@denx.de > October 5, 2015 Marek Va

Using FPGA for driver testing Marek Va sut < marex@denx.de > October 5, 2015 Marek Va sut < marex@denx.de > Using FPGA for driver testing Marek Vasut Software engineer at DENX S.E. since 2011 Embedded and Real-Time

813 views • 22 slides

More recommend