network security attacks
play

Network Security: Attacks CS 161: Computer Security Prof. Vern Paxson - PowerPoint PPT Presentation

May 05, 2023 •102 likes •699 views

Network Security: Attacks CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca

  1. Network Security: Attacks CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca Portnoff, Nate Wang http://inst.eecs.berkeley.edu/~cs161 / March 9, 2017

  2. IP Packet Header (Continued) • Two IP addresses – Source IP address (32 bits in main IP version) – Destination IP address (32 bits, likewise) • Destination address – Unique identifier/locator for the receiving host – Allows each node to make forwarding decisions • Source address – Unique identifier/locator for the sending host – Recipient can decide whether to accept packet – Enables recipient to send reply back to source

  3. Postal Envelopes: (Post office doesn’t look at the letter inside the envelope)

  4. Analogy of IP to Postal Envelopes: IP source address IP destination address (Routers don’t look at the payload beyond the IP header)

  5. IP: “ Best Effort ” Packet Delivery • Routers inspect destination address, locate “ next hop ” in forwarding table – Address = ~unique identifier/locator for the receiving host • Only provides a “ I’ll give it a try ” delivery service: – Packets may be lost – Packets may be corrupted – Packets may be delivered out of order source destination IP network

  6. Threats Due to the Lower Layers

  7. Layers 1 & 2: General Threats? Framing and transmission of a collection of bits into individual messages sent across a 7 Application single “ subnetwork ” (one physical technology) 4 Transport 3 (Inter)Network 2 Link Encoding bits to send them over a single physical link 1 Physical e.g. patterns of voltage levels / photon intensities / RF modulation

  8. Physical/Link-Layer Threats: Eavesdropping • Also termed sniffing • For subnets using broadcast technologies (e.g., WiFi, some types of Ethernet), get it for “ free ” – Each attached system’s NIC (= Network Interface Card) can capture any communication on the subnet – Some handy tools for doing so o tcpdump (low-level ASCII printout)

  9. TCPDUMP: Packet Capture & ASCII Dumper 9

  10. Physical/Link-Layer Threats: Eavesdropping • Also termed sniffing • For subnets using broadcast technologies (e.g., WiFi, some types of Ethernet), get it for “ free ” – Each attached system’s NIC (= Network Interface Card) can capture any communication on the subnet – Some handy tools for doing so o tcpdump (low-level ASCII printout) o Wireshark (GUI for displaying 800+ protocols)

  11. Wireshark: GUI for Packet Capture/Exam. 11

  12. Wireshark: GUI for Packet Capture/Exam. 12

  13. Wireshark: GUI for Packet Capture/Exam. 13

  14. Physical/Link-Layer Threats: Eavesdropping • Also termed sniffing • For subnets using broadcast technologies (e.g., WiFi, some types of Ethernet), get it for “ free ” – Each attached system’s NIC (= Network Interface Card) can capture any communication on the subnet – Some handy tools for doing so o tcpdump (low-level ASCII printout) o Wireshark (GUI for displaying 800+ protocols) o Bro (scriptable real-time network analysis; see bro.org ) • For any technology, routers (and internal “ switches ” ) can look at / export traffic they forward • You can also “ tap ” a link – Insert a device to mirror the physical signal

  16. Physical/Link-Layer Threats: Eavesdropping • Also termed sniffing • For subnets using broadcast technologies (e.g., WiFi, some types of Ethernet), get it for “ free ” – Each attached system’s NIC (= Network Interface Card) can capture any communication on the subnet – Some handy tools for doing so o tcpdump (low-level ASCII printout) o Wireshark (GUI for displaying 800+ protocols) o Bro (scriptable real-time network analysis) • For any technology, routers (and internal “ switches ” ) can look at / export traffic they forward • You can also “ tap ” a link – Insert a device to mirror the physical signal – Or: just steal it!

  17. Stealing Photons

  18. Protec1ng Against Eavesdropping in the Coffee Shop

  19. 1. Join the wireless network If either match up, your laptop joins the network. Op;onally performs a cryptographic exchange.

  20. 1. Join the wireless network If either match up, your laptop joins the network. Op1onally performs a cryptographic exchange.

  21. 1. Join the wireless network If either match up, your laptop joins the network. Op1onally performs a cryptographic exchange. Most commonly today, that is done using WPA2.

  22. Password: $secret! KeyCounter KeyCounter (and other stuff) (and other stuff) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  23. SSID Password: $secret! KeyCounter (and other stuff) Both your laptop and the AP now compute: K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  24. This func;on Password: $secret! KeyCounter (and other stuff) Both your laptop and the AP now compute: K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  25. This func;on computes this many itera;ons Password: $secret! KeyCounter (and other stuff) Both your laptop and the AP now compute: K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  26. This func;on computes this many itera;ons of this func;on Password: $secret! KeyCounter (and other stuff) Both your laptop and the AP now compute: K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  27. This func;on computes this many itera;ons of this func;on using this as the MAC key Password: $secret! KeyCounter (and other stuff) Both your laptop and the AP now compute: K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  28. This func;on computes this many itera;ons of this func;on using this as the MAC key and the XOR of these as the ini;al input. Password: $secret! KeyCounter (and other stuff) Both your laptop and the AP now compute: K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  29. This func;on computes this many itera;ons of this func;on using this as the MAC key and the XOR of these as the ini;al input. Each subsequent itera;on takes the output of the previous computa;on as Password: $secret! its input. KeyCounter (and other stuff) Both your laptop and the AP now compute: K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  30. Now your laptop and the AP have derived a shared secret. K K Password: $secret! KeyCounter (and other stuff) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  31. Eve Eve a5acks! K K Password: $Secret! KeyCounter (and other stuff) K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  32. Eve Since the password is never exposed, if Eve doesn’t know it, the best she can do is a dic1onary aFack to try to guess it. K K Password: $secret! KeyCounter (and other stuff) K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  33. Eve Since the password is never exposed, if Eve doesn’t know it, the best she can do is a dic1onary aFack to try to guess it . K This goes slowly due to the 1000s of HMAC itera;ons. K Password: $secret! KeyCounter (and other stuff) K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  34. Eve BUT: if Eve ponies up $2.25 for a cup of coffee and gets the password to the local net … K K Password: $secret! KeyCounter (and other stuff) K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  35. K Eve BUT: if Eve ponies up $2.25 for a cup of coffee and gets the password to the local net … then she knows both of these! K K Password: $secret! KeyCounter (and other stuff) K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  36. WPA2, actually-secure-but-inconvenient form(“Enterprise”; simplified)

  37. Your laptop is preconfigured with a cert for an Authen1ca1on Server . a { Auth : : A } K -1 CA Auth WPA2, actually-secure-but-inconvenient form(“Enterprise”; simplified)

  38. You establish a secure connec;on via the AP to the Authen;ca;on Server using TLS. a { Auth : : A } K -1 CA Auth WPA2, actually-secure-but-inconvenient form(“Enterprise”; simplified)

  39. You then transmit your authen;ca;on info (username/password, or your own cert) to the server User=Alice, Password= ReallyHard2Gue$$ a { Auth : : A } K -1 CA Auth WPA2, actually-secure-but-inconvenient form(“Enterprise”; simplified)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to penetrate a network by using wireless or evading WLAN access control measures, like AP MAC filters and 802.1X port access controls. Type of Attack

184 views • 7 slides
CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan

CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan

CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan UCSD Fall 2019 Some material from Stefan Savage, David Wagner, and Nick Weaver Threat Modeling for Network Attacks Basic security goals:

804 views • 31 slides
Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu

Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu

Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu Materials adopted from Prof. David Wagner 2019 General Communication Security Goals: CIA Confidentiality: No one can read our data / communication

876 views • 60 slides
CSE 127: Introduction to Security Lecture 10: Network Attacks Deian Stefan UCSD Winter 2020

CSE 127: Introduction to Security Lecture 10: Network Attacks Deian Stefan UCSD Winter 2020

CSE 127: Introduction to Security Lecture 10: Network Attacks Deian Stefan UCSD Winter 2020 Material from Nadia Heninger, Stefan Savage, David Wagner, and Nick Weaver Threat Modeling for Network Attacks Basic security goals:

585 views • 36 slides
CSE 127: Introduction to Security Lecture 13: Network Attacks Deian Stefan UCSD Fall 2020

CSE 127: Introduction to Security Lecture 13: Network Attacks Deian Stefan UCSD Fall 2020

CSE 127: Introduction to Security Lecture 13: Network Attacks Deian Stefan UCSD Fall 2020 Material from Nadia Heninger, Stefan Savage, David Wagner, and Nick Weaver Threat modeling for network attacks Basic security goals:

1.11k views • 39 slides
Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Network Security Model Header attacks Protocol Attacks

597 views • 25 slides
Overview Network and Server Goal of Security Control Attacks and Penetration Phases of

Overview Network and Server Goal of Security Control Attacks and Penetration Phases of

Overview Network and Server Goal of Security Control Attacks and Penetration Phases of Control Methods of Taking Control Common Points of Attack Multifront Attacks Chapter 12 Auditing to Recognize Attacks Malicious

535 views • 7 slides
TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview

TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview

TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview Last time Today TCP/IP Attacks IP Sniffing Ethernet Spoofing ARP Hijacking (ARP) Tools/libraries Libnet,

729 views • 37 slides
What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 3 Network Protocol Attacks Roadmap Network security The basic objectives: CIA

1.68k views • 39 slides
Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J. Antonelli The University of Michigan 2012 Hands-On Network Security Module 3 Network Protocol Attacks Roadmap Network security The

502 views • 39 slides
Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 17: Network

Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 17: Network

Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 17: Network Security Chapter 17: 2 Agenda Net adversary TCP attacks DNS attacks Firewalls Intrusion detection Honeypots Chapter 17: 3

792 views • 62 slides
Network Attacks CS 334 - Computer Security Once again thanks to Vern Paxson and David Wagner 1

Network Attacks CS 334 - Computer Security Once again thanks to Vern Paxson and David Wagner 1

Network Attacks CS 334 - Computer Security Once again thanks to Vern Paxson and David Wagner 1 Layers 1 & 2: General Threats? Framing and transmission of a collection of bits into individual messages sent across a single subnetwork

809 views • 54 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

CMPS122: COMPUTER SECURITY NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3 due tonight NETWORKING ATTACKS LAST TIME TCP/IP networking stack Physical layer Data link layer Network

1.1k views • 61 slides
Computer and Network Security: Network Attacks Kameswari Chebrolu All the figures used as part

Computer and Network Security: Network Attacks Kameswari Chebrolu All the figures used as part

Computer and Network Security: Network Attacks Kameswari Chebrolu All the figures used as part of the slides are either self created or from the public domain with either 'creative commons' or 'public domain dedication' licensing. The public

914 views • 26 slides
PRESENTATION OF FIRST-HALF 2007 RESULTS Paris - 32 Hoche 31 August 2007 This presentation

PRESENTATION OF FIRST-HALF 2007 RESULTS Paris - 32 Hoche 31 August 2007 This presentation

PRESENTATION OF FIRST-HALF 2007 RESULTS Paris - 32 Hoche 31 August 2007 This presentation contains projections and forecasts. They express objectives based on the current assessments and estimates of the Groups senior management which are

931 views • 56 slides
Introduction to Information Science and Technology (IST) Part IV: Intelligent Machines and

Introduction to Information Science and Technology (IST) Part IV: Intelligent Machines and

Introduction to Information Science and Technology (IST) Part IV: Intelligent Machines and Robotics Sensors Sren Schwertfeger / ShanghaiTech University 2 IST ShanghaiTech University - SIST - 26.05.2016 General Control Scheme for

842 views • 73 slides
Ethernet The LAN Killer 2005/03/11 (C) Herbert Haas Ethernet works in practice but not in

Ethernet The LAN Killer 2005/03/11 (C) Herbert Haas Ethernet works in practice but not in

Ethernet The LAN Killer 2005/03/11 (C) Herbert Haas Ethernet works in practice but not in theory. Robert Metcalfe History (1) Late 1960s: Aloha protocol University of Hawaii Late 1972: Robert Metcalfe developed first Ethernet

618 views • 29 slides
CLASS technical Andrew Howard LCNI conference, Liverpool, November 2015 Session 3.4 Facilitating

CLASS technical Andrew Howard LCNI conference, Liverpool, November 2015 Session 3.4 Facilitating

CLASS technical Andrew Howard LCNI conference, Liverpool, November 2015 Session 3.4 Facilitating Low Carbon Energy and New Connections 1 Back to school for a moment This fundamental relationship is at the heart of CLASS But how will it

519 views • 28 slides
Addressing HCV among People Living with HIV November 29, 2017 Susan Robilotto, D.O. Medical

Addressing HCV among People Living with HIV November 29, 2017 Susan Robilotto, D.O. Medical

Addressing HCV among People Living with HIV November 29, 2017 Susan Robilotto, D.O. Medical Officer/ Clinical Consultant Health Resources and Services Administration (HRSA) HIV/AIDS Bureau (HAB ) Division of Metropolitan HIV/AIDS Programs

483 views • 21 slides
Texas Home Equity Lending: A Brave New World Impact of Texas Supreme Court Opinions June 13,

Texas Home Equity Lending: A Brave New World Impact of Texas Supreme Court Opinions June 13,

Texas Home Equity Lending: A Brave New World Impact of Texas Supreme Court Opinions June 13, 2016 Debra Bogo-Ernst David Tallman Partner Partner +1 312 701 7403 +1 713 238 2696 dernst@mayerbrown.com dtallman@mayerbrown.com Mayer Brown is

463 views • 25 slides
Competitive NOFA Training I. Funding Opportunity Description II. Award Information AGENDA III.

Competitive NOFA Training I. Funding Opportunity Description II. Award Information AGENDA III.

FY 2020 Indian Housing Block Grant (IHBG) Competitive NOFA Training I. Funding Opportunity Description II. Award Information AGENDA III. Eligibility Information IV. Application and Submission Information 2 Funding Opportunity In the

779 views • 77 slides
My current status Why am I here? My background HBV status in Taiwan My brothers

My current status Why am I here? My background HBV status in Taiwan My brothers

My current status Why am I here? My background HBV status in Taiwan My brothers diagnosis My diagnosis & Treatment My wifes diagnosis My wifes prenatal care My sons vaccination & HBIG My bro. as a liver

409 views • 8 slides

More recommend