securing internet routing securing internet routing
play

Securing Internet Routing Securing Internet Routing $ Local ISP - PowerPoint PPT Presentation

Oct 23, 2023 •687 likes •1.12k views

Jobtalk Securing Internet Routing Securing Internet Routing $ Local ISP Sharon Goldberg g Princeton University Based on work with: Based on work with: Boaz Barak, Shai Halevi, Aaron Jaggard, Vijay Ramachandran, Jennifer Rexford, Eran

  1. Jobtalk Securing Internet Routing Securing Internet Routing $ Local ISP Sharon Goldberg g Princeton University Based on work with: Based on work with: Boaz Barak, Shai Halevi, Aaron Jaggard, Vijay Ramachandran, Jennifer Rexford, Eran Tromer, Rebecca Wright, and David Xiao Princeton University

  2. The Internet (1) Th The Internet is a collection of Autonomous Systems (AS). I t t i ll ti f A t S t (AS) Princeton Princeton AT&T IBM Local Local ISP Comcast Connectivity requires competing ASes to cooperate Connectivity requires competing ASes to cooperate.

  3. The Internet (2) E Each Autonomous System (AS) is a collection of routers. h A t S t (AS) i ll ti f t Princeton Princeton AT&T IBM Local Local ISP Comcast Local ISP

  4. Different Failure Models & Formal Techniques Honest • Follows the protocol The Internet The Internet was designed Benign / Fail-Stop for this. • • Stops responding Stops responding $ $ Game Theory Rational (Selfish) • Deviates from protocol for personal gain g Cryptography Adversarial • Actively tries to “break” the protocol

  5. Research Approach System engineering & economic limitations (Goal) Prove this protocol satisfies security for Define Security Property failure model. erate erate $ Ite Ite Choose Failure Model Evaluate Protocol Any protocol with security property X security property X Ch Characterize t i needs resource Y Security vs Efficiency

  6. Research Approach System (Goal) Define Security Property erate erate Ite Ite Choose Failure Model Standards, Prototypes Evaluate Protocol Implement / Implement / Ch Characterize t i Tech transfer Security vs Efficiency

  7. Secure Routing on the Internet Goal: Ensure packets arrive at their destination. Princeton Princeton AT&T IBM Local Local ISP Comcast Years of security research devoted to solving this problem. y g p

  8. Overview of Previous Work on Secure Routing AT&T, IBM AT&T IBM Princeton AT&T IBM IBM Local ISP Comcast Comcast Local, Comcast, IBM Control Plane (Routing protocols): • Set up paths between nodes S h b d soBGP, IRV, SPV, pgBGP, psBGP, Secure BGP Listen Whisper etc Listen-Whisper, etc., [Kent Lynn Seo 00] [Kent Lynn Seo 00] Data Plane: • Given the paths, how should packets be forwarded? p p NPBR [Perlman 88], Secure Msg Transmission [DDWY92], Secure/Efficient Routing [AKWK04], Secure TR [PS03], etc!

  9. Overview of Previous Work on Secure Routing AT&T, IBM AT&T IBM Princeton To inform deployment efforts, my research focuses on: AT&T IBM IBM 1. Are we securing the right part of the system? 1 Are we securing the right part of the system? Local 2. Characterizing the tradeoffs between security & efficiency ISP Comcast Comcast Local, Comcast, IBM Control Plane (Routing protocols): • Set up paths between nodes S h b d soBGP, IRV, SPV, pgBGP, psBGP, Secure BGP Listen Whisper etc Listen-Whisper, etc., [Kent Lynn Seo 00] [Kent Lynn Seo 00] Data Plane: • Given the paths, how should packets be forwarded? p p NPBR [Perlman 88], Secure Msg Transmission [DDWY92], Secure/Efficient Routing [AKWK04], Secure TR [PS03], etc!

  10. Overview of the Results in this Talk Internet Routing (Ensuring packets arrive at their destination) Ensure packets actually Detect packet loss follow announced paths. & localize bad router. $ Rational ASes Adversarial routers [GXTBR, SIGMETRICS’08] [GHJRW, SIGCOMM’08] [BGX, EUROCRYPT’08] Known control Known control- -plane plane New data New data-plane New data New data plane plane plane protocols, like Secure BGP protocols & characterization � ☺

  11. Part I : The Control Plane Part I : The Control Plane two counterexamples & a theorem

  12. BGP: The Internet Routing Protocol (1) P th Paths between Autonomous Systems (ASes) are b t A t S t (AS ) set up via the Border Gateway Protocol (BGP). IBM AT&T, IBM $ $ Princeton AT&T AT&T IBM Local $ ISP ISP Local Val ation Local Valuation: Comcast Comcast, IBM AT&T, IBM IBM IBM Comcast, IBM Forwarding: Node use single outgoing link for all traffic to destination. Valuations: Usually based on economic relationships. Here, we assume they are fixed at “beginning of game”

  13. BGP: The Internet Routing Protocol (2) Paths between Autonomous Systems (ASes) are P th b t A t S t (AS ) set up via the Border Gateway Protocol (BGP). AT&T, IBM AT&T, IBM $ $ Princeton $ $ AT&T AT&T IBM Local Princeton Valuat’n: ISP ISP Local AT&T IBM Local, AT&T, IBM Comcast AT&T, IBM Local, Comcast, IBM Local, Comcast, IBM Forwarding: Node use single outgoing link for all traffic to destination. Valuations: Usually based on economic relationships. Here, we assume they are fixed at “beginning of game”

  14. Our desired security goal… BGP announcements match actual paths in the data plane. Princeton AT&T AT&T IBM Local Princeton Valuat’n: ISP ISP Local AT&T IBM Local, AT&T, IBM Comcast AT&T, IBM Local, Comcast, IBM Then, can use BGP messages as input to security schemes! 1. Chose paths that avoid ASes known to drop packets 2. Protocols that localize an adversarial router on path. 3. Contractual frameworks that penalize nodes that drop packets.

  15. Our desired security goal… BGP announcements match actual paths in the data plane. Local, AT&T, IBM Princeton AT&T AT&T $ IBM Local Local Princeton Valuat’n: ISP ISP ISP ISP Local, AT&T, IBM Local AT&T IBM Comcast AT&T, IBM Local, Comcast, IBM Then, can use BGP messages as input to security schemes! 1. Chose paths that avoid ASes known to drop packets 2. Protocols that localize an adversarial router on path. 3. Contractual frameworks that penalize nodes that drop packets.

  16. The “Secure BGP” Internet Routing Protocol If AS a announced path abP then b announced bP to a Comcast: (IBM) Comcast: (IBM) Public Key Public Key Infrastructure Local: (Comcast, IBM) Princeton Princeton: (Local, Comcast, IBM) ( , , ) AT&T AT&T IBM Local ISP ISP Comcast Comcast: (IBM) Comcast: (IBM) Comcast: (IBM) Local: (Comcast, IBM) Public Key Signature : Anyone who knows IBM’s public key can verify the message was sent by IBM.

  17. The “Secure BGP” Internet Routing Protocol If AS a announced path abP then b announced bP to a Comcast: (IBM) Comcast: (IBM) Public Key Public Key Infrastructure Local: (Comcast, IBM) Princeton Princeton: (Local, Comcast, IBM) ( , , ) AT&T AT&T IBM Local ISP ISP Comcast Comcast: (IBM) Comcast: (IBM) If we assume nodes are rational, Comcast: (IBM) do we get security from “Secure BGP”? Local: (Comcast, IBM) Yes Y Yes - For certain utility models (prior work) F t i tilit d l ( i k) Public Key Signature : Anyone who knows IBM’s No No - For more realistic ones (our work) public key can verify the message was sent by IBM.

  18. The “No Attractions” model of utility… Model of utility in prior work: Model of utility in prior work: Utility of AS = . Utility of outgoing Utility of attracted + (data-plane) path ( p ) p incoming traffic g Princeton AT&T IBM Local Local Local Valuatio’n: ISP ISP Comcast Comcast, IBM AT&T IBM AT&T, IBM In all prior work: Utility i is determined by the d t i d b th valuation function

  19. Do control plane & data plane match? Utility y Secure Model BGP [LSZ] [LSZ] No Attractions No Attractions � to se d d s o est Corollary: If _________, rational rational ASes have no incentive to send dishonest BGP announcements! G a ou ce e ts [Feigenbaum-Ramachandran-Schapria-06], • [Feigenbaum-Schapria-Shenker-07] [Levin-Schapira-Zohar-08] These results build on • [Nisan-Ronen-01] [Feigenbaum-Papadimitriou-Shenker-01], • [Parkes-Shneidman-04], [Feigenbaum-Karger-Mirrokni-Sami-05] Feigenbaum-Papadimitriou-Sami-Shenker-05],

  20. The “Attractions” model of utility… Our model of utility: Our model of utility: Model of utility in prior work: Model of utility in prior work: Utility of AS = Utility of AS = . . Utility of outgoing Utility of outgoing Utility of attracted Utility of attracted + + (data-plane) path ( (data-plane) path ( p p ) p ) p incoming traffic incoming traffic g g $ Princeton AT&T $ IBM $ Local Local $ ISP ISP Local Valuat’n: Attract: Princeton Comcast Comcast IBM Comcast, IBM Valuat’n: AT&T, IBM Comcast, IBM More realistically models AT&T, IBM payment structure.

  21. Do control plane & data plane match? Utility y Secure Model BGP [LSZ] [LSZ] No Attractions No Attractions X X ? ? Attractions Attractions Negative result is network where a node has incentive to lie.

  22. Counterexample: “Secure BGP” is not sufficient! Comcast: (IBM) AT&T: (IBM) Local: (AT&T, IBM) Local: (Comcast, IBM) Princeton: (Local, AT&T, IBM) Princeton: Princeton: (Local, Comcast, IBM) Princeton: (Local Comcast (Local AT&T IBM) IBM) AT&T: (IBM) Local: (AT&T, IBM) Princeton AT&T $ IBM Local Local Princeton Valuat’n: ISP ISP Local, AT&T, IBM ☺ ☺ Comcast AT&T, IBM Local, Comcast, IBM Attract: Princeton Valuation: Comcast: Comcast: (IBM) (IBM) Comcast, IBM Local: (Comcast, IBM) AT&T, IBM

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cryptographic Approaches for Securing Routing Protocols Adrian Perrig perrig@cmu.edu Why Secure

Cryptographic Approaches for Securing Routing Protocols Adrian Perrig perrig@cmu.edu Why Secure

Cryptographic Approaches for Securing Routing Protocols Adrian Perrig perrig@cmu.edu Why Secure Routing? Current routing protocols assume trusted environment! Even misconfigurations severely disrupt Internet routing Secure routing

245 views • 22 slides
Internet routing is based on routing protocols that collect the input data No off-line route

Internet routing is based on routing protocols that collect the input data No off-line route

Introduction to Routing in Internet Internet basics IPv4 and ICMP Internet Addressing ARP - Address Resolution Protocol Routing Information (Distance Vector ) Protocol Principles 3-1 S-38.121 S-02 Rka, NB Internet routing is based on

214 views • 18 slides
Introduction to routing in the Internet Ethernet, switching vs. routing Internet architecture

Introduction to routing in the Internet Ethernet, switching vs. routing Internet architecture

Introduction to routing in the Internet Ethernet, switching vs. routing Internet architecture Addressing, routing principles Protocols: IPv4, ICMP, ARP (Chapters 23 in Huitema) Internet-1 S-38.2121 / Fall-07 / RKa, NB Ethernet Most

635 views • 26 slides
CS 557 Routing Measurements End to End Routing Behavior in the Internet Vern Paxson, 1996

CS 557 Routing Measurements End to End Routing Behavior in the Internet Vern Paxson, 1996

CS 557 Routing Measurements End to End Routing Behavior in the Internet Vern Paxson, 1996 Internet Routing Instability Labovitz, Malan, Jahanian, 1997 Spring 2013 End to End Routing Behavior Objective: Understand the actual behavior of

595 views • 22 slides
Internet Protocol: Routing Algorithms Internet Protocol: Routing Algorithms Srinidhi Varadarajan

Internet Protocol: Routing Algorithms Internet Protocol: Routing Algorithms Srinidhi Varadarajan

Internet Protocol: Routing Algorithms Internet Protocol: Routing Algorithms Srinidhi Varadarajan Routing Routing Rout ing prot ocol 5 Goal: det ermine good pat h (sequence of rout ers) t hru 3 B C net work f rom source t o dest .

636 views • 40 slides
Routing Jeff Chase Duke University IP Routing From Click IP Routing From Click Internet Map

Routing Jeff Chase Duke University IP Routing From Click IP Routing From Click Internet Map

Routing Jeff Chase Duke University IP Routing From Click IP Routing From Click Internet Map The Internet From CAIDA IP Address Allocation Originally (classful addrs), 4 address classes A: 0 | 7 bit network | 24 bit

573 views • 21 slides
Advanced Research Issues In Security: Securing Key Internet Technologies CS 236 On-Line MS

Advanced Research Issues In Security: Securing Key Internet Technologies CS 236 On-Line MS

Advanced Research Issues In Security: Securing Key Internet Technologies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Lecture 18 Page 1 CS 236 Online Outline Routing security DNS security Lecture 18 Page 2

556 views • 31 slides
10/20/08 Today P561: Network Systems Internet routing (BGP) Week 4: Internetworking II

10/20/08 Today P561: Network Systems Internet routing (BGP) Week 4: Internetworking II

10/20/08 Today P561: Network Systems Internet routing (BGP) Week 4: Internetworking II Tunneling and MPLS Wireless routing Wireless handoffs Tom Anderson Ratul Mahajan TA: Colin Dixon 2 Internet today Key goals for Internet routing

488 views • 11 slides
End-to-End Routing Behavior in the Internet in the Internet

End-to-End Routing Behavior in the Internet in the Internet

End-to-End Routing Behavior in the Internet in the Internet Objective Understand the large-scale behavior of routing in the

533 views • 25 slides
End-to-end principle All control in end stations by Dave Clark e.g. error and flow

End-to-end principle All control in end stations by Dave Clark e.g. error and flow

Introduction to routing in the Internet Internet architecture IPv4, ICMP, ARP Addressing, routing principles (Chapters 23 in Huitema) Internet-1 S-38.121 / Fall-04 / RKa, NB Internet Architecture Principles End-to-end principle All

893 views • 21 slides
BIRD Internet Routing Daemon Ond rej Zaj cek CZ.NIC z.s.p.o. RIPE 66 BIRD overview

BIRD Internet Routing Daemon Ond rej Zaj cek CZ.NIC z.s.p.o. RIPE 66 BIRD overview

BIRD Internet Routing Daemon Ond rej Zaj cek CZ.NIC z.s.p.o. RIPE 66 BIRD overview BIRD Internet Routing Daemon Routing protocols BGP, OSPF and RIP IPv4 and IPv6 support Linux and BSD kernel support Free and open

241 views • 13 slides
Network Layer: Control Plane Part II Routing in the Internet: Intra vs. Inter-AS Routing

Network Layer: Control Plane Part II Routing in the Internet: Intra vs. Inter-AS Routing

Network Layer: Control Plane Part II Routing in the Internet: Intra vs. Inter-AS Routing Intra-AS: RIP and OSPF (quick recap) Inter-AS: BGP and Policy Routing Internet Control Message Protocol: ICMP network management

888 views • 61 slides
Internet Routing Dr. Miled M. Tezeghdanti May 8, 2012 Dr. Miled M. Tezeghdanti () Internet

Internet Routing Dr. Miled M. Tezeghdanti May 8, 2012 Dr. Miled M. Tezeghdanti () Internet

Internet Routing Dr. Miled M. Tezeghdanti May 8, 2012 Dr. Miled M. Tezeghdanti () Internet Routing May 8, 2012 1 / 71 Introduction Networks may be interconnected using Repeaters Work at the Physical layer Bridges Work at the Data-Link

997 views • 84 slides
On Inferring and Characterizing On Inferring and Characterizing Internet Routing Policies

On Inferring and Characterizing On Inferring and Characterizing Internet Routing Policies

On Inferring and Characterizing On Inferring and Characterizing Internet Routing Policies Internet Routing Policies Feng Wang Lixin Gao Department of Electrical and Computer Engineering University of Massachusetts, Amherst MA 01002, USA 1

450 views • 18 slides
BIRD Internet Routing Daemon Ond rej Zaj cek CZ.NIC z.s.p.o. 2015-02-16 Proceedings

BIRD Internet Routing Daemon Ond rej Zaj cek CZ.NIC z.s.p.o. 2015-02-16 Proceedings

BIRD Internet Routing Daemon Ond rej Zaj cek CZ.NIC z.s.p.o. 2015-02-16 Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada BIRD overview BIRD Internet Routing Daemon Routing protocols BGP, OSPF, RIP and BFD

630 views • 27 slides
Interplay between routing and forwarding routing algorithm Routing Algorithms and Routing local

Interplay between routing and forwarding routing algorithm Routing Algorithms and Routing local

Interplay between routing and forwarding routing algorithm Routing Algorithms and Routing local forwarding table header value output link in the Internet 0100 3 0101 2 0111 2 1001 1 value in arriving packets header 1 0111 2 3

403 views • 8 slides
Spock: Exploiting Serverless Functions for SLO and Cost Aware Resource Procurement in Public

Spock: Exploiting Serverless Functions for SLO and Cost Aware Resource Procurement in Public

Spock: Exploiting Serverless Functions for SLO and Cost Aware Resource Procurement in Public Cloud Jashwant Gunasekaran, Prashanth Thinakaran, Mahmut Kandemir, Bhuvan Urgaonkar, George Kesidis, Chita Das Computer Science and Engineering The

611 views • 34 slides
Ichthyology: Phishing as a Science @tetrakazi Let's talk. Dear Sir, I would like to o ff er you

Ichthyology: Phishing as a Science @tetrakazi Let's talk. Dear Sir, I would like to o ff er you

Ichthyology: Phishing as a Science @tetrakazi Let's talk. Dear Sir, I would like to o ff er you a large sum of money... System 1 System 2 Fast Slow Instinctive Methodical Emotional Rational Gullible Skeptical Information Overload

936 views • 31 slides
HardwareSoftware Co-Design: Not Just a Clich Adrian Sampson James Bornholt Luis Ceze sa

HardwareSoftware Co-Design: Not Just a Clich Adrian Sampson James Bornholt Luis Ceze sa

HardwareSoftware Co-Design: Not Just a Clich Adrian Sampson James Bornholt Luis Ceze sa pa University of Washington SNAPL 2015 time 2005 2015 immemorial (not to scale) free lunch time 2005 2015 immemorial exponential

895 views • 35 slides
Solar with Justice: Recommendations for State Governments January 29, 2020 Housekeeping Join

Solar with Justice: Recommendations for State Governments January 29, 2020 Housekeeping Join

CESA Webinar Solar with Justice: Recommendations for State Governments January 29, 2020 Housekeeping Join audio: Choose Mic & Speakers to use VoIP Choose Telephone and dial using the information provided Use the orange arrow

519 views • 19 slides
SPP/Entergy Cost-Benefit Analysis Qualitative Impacts Areas of Impact July 13 Draft For July

SPP/Entergy Cost-Benefit Analysis Qualitative Impacts Areas of Impact July 13 Draft For July

SPP/Entergy Cost-Benefit Analysis Qualitative Impacts Areas of Impact July 13 Draft For July 20, 2010 Update meeting Ellen Wolfe Jack Ellis Potential Impacts: Sample operational categories explored Transmission Reservation/Energy

256 views • 21 slides
Percona Live 2017 Santa Clara, California | April 24-27, 2017 Rick's RoTs Rules of Thumb for

Percona Live 2017 Santa Clara, California | April 24-27, 2017 Rick's RoTs Rules of Thumb for

Percona Live 2017 Santa Clara, California | April 24-27, 2017 Rick's RoTs Rules of Thumb for MySQL Rick James Agenda Indexing Optimization Partitioning Character Sets Galera/PXC Datatypes How To Hardware Miscellany INDEXing A Mini

903 views • 65 slides
Virtual Care The Force Multiplier Wendy Carroll General Manager, New Business and Stakeholder

Virtual Care The Force Multiplier Wendy Carroll General Manager, New Business and Stakeholder

Virtual Care The Force Multiplier Wendy Carroll General Manager, New Business and Stakeholder Relations Healthdirect Australia 1/05/2017 FOR OFFICIAL USE ONLY Enabling virtual care Devices devices devices. Source: www.lieftherapeutics.com

445 views • 17 slides
Budgeting for Federal Credit Programs: The Case for Fair Value Deborah Lucas Sloan Distinguished

Budgeting for Federal Credit Programs: The Case for Fair Value Deborah Lucas Sloan Distinguished

Budgeting for Federal Credit Programs: The Case for Fair Value Deborah Lucas Sloan Distinguished Professor of Finance and Director, MIT Center for Finance and Policy 1 Overview Background: Goals of FCRA Rationale for adoption of fair

299 views • 18 slides

More recommend