large scale attacks on the internet lessons learned from
play

Large Scale Attacks on the Internet Lessons learned from the LOBSTER - PowerPoint PPT Presentation

Apr 24, 2023 •100 likes •335 views

The LOBSTER project An IST Project http://www.ist-lobster.org/ Large Scale Attacks on the Internet Lessons learned from the LOBSTER project Evangelos Markatos Institute of Computer Science (ICS) Foundation for Research and Technology

  1. The LOBSTER project An IST Project http://www.ist-lobster.org/ Large Scale Attacks on the Internet Lessons learned from the LOBSTER project Evangelos Markatos Institute of Computer Science (ICS) Foundation for Research and Technology – Hellas (FORTH) Crete, Greece Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  2. Agenda An IST Project http://www.ist-lobster.org/ • Motivation • The LOBSTER Infrastructure – Number of sensors - deployment – Attacks captured • Lessons Learned • Policy Implications Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  3. Agenda An IST Project http://www.ist-lobster.org/ • Motivation • The LOBSTER Infrastructure – Number of sensors - deployment – Attacks captured • Lessons Learned • Policy Implications Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  4. Computer Security is getting increasingly important An IST Project http://www.ist-lobster.org/ • 1988 – The Morris worm compromised 6,000 UNIX computers • 2001 – The Code Red worm compromised 300,000 computers Source: CAIDA/UCSD Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  5. Computer Security is Critical An IST Project http://www.ist-lobster.org/ • 2007: Vint Cerf (the father of the Internet and VP of Google) says: – 25% of all computers online are compromised • 100-150 million computers are compromised… Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  6. Vulnerabilities An IST Project http://www.ist-lobster.org/ Vulnerabilities found 5000 4000 3000 2000 1000 0 2004 2005 2006 • Total Vulnerabilities documented by Symantec Corporation (source: Internet Security Threat Report) Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  7. Black Market Trading An IST Project http://www.ist-lobster.org/ Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  8. So? An IST Project http://www.ist-lobster.org/ • One out of four computers is compromised • Hackers penetrate all different kinds of computers • Vulnerabilities are increasing every year • They are being sold in the black market • We need to react: – Monitor large scale attacks – Understand mechanisms and motives of attackers Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  9. Agenda An IST Project http://www.ist-lobster.org/ • Motivation • The LOBSTER Infrastructure – Number of sensors - deployment – Attacks captured • Lessons Learned • Policy Implications Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  10. The LOBSTER project An IST Project http://www.ist-lobster.org/ • Research Networking Test-Bed project – 2005-2007 Funded by IST • Installed a monitoring infrastructure – To study performance and security issues in European Research and Educational networks – Deployed • more than 40 sensors • in 10 countries – Monitors incoming traffic to see if it contains network attacks from hackers Funded by the European Commission Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  11. LOBSTER Deployment An IST Project http://www.ist-lobster.org/ Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  12. Attacks Captured: focus on polymorphic attacks An IST Project http://www.ist-lobster.org/ • Close to one million attacks captured • One attack every 30 seconds! • One attack every two seconds (peak rate)! Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  13. Where do attackers come from? An IST Project http://www.ist-lobster.org/ All over the world Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  14. Where do attackers come from? An IST Project http://www.ist-lobster.org/ • 70% of the attacks to an organization originate from “inside” hosts – Maybe compromised computers which attack the local network Attacks Launched from internal hosts from external hosts Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  15. Agenda An IST Project http://www.ist-lobster.org/ • Motivation • The LOBSTER Infrastructure – Number of sensors - deployment – Attacks captured • Lessons Learned • Policy Implications Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  16. Lessons Learned An IST Project http://www.ist-lobster.org/ • Attackers launch attacks from all over the world • Several attacks originate from “internal” hosts – Probably compromised computers of the organization • Isolated viewpoints provided a “narrow point of view” of the attack plane, i.e. – One sensor reported heavy attack while – Another sensor reported very little attacks SENSOR 1 SENSOR 2 Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  17. Agenda An IST Project http://www.ist-lobster.org/ • Motivation • The LOBSTER Infrastructure – Number of sensors - deployment – Attacks captured • Lessons Learned • Policy Implications Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  18. What needs to be done? An IST Project http://www.ist-lobster.org/ • The knowledge of large scale attacks may be fragmented today – Individual organizations know their status but do not know the status of other organizations/networks • Very few people/organizations have a global view of the attack landscape • Even fewer publish this information on the public domain • We need to work towards a “broad viewpoint” by sharing of data • Large-scale attack monitoring needs “broadened points of view” Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  19. What has been done An IST Project http://www.ist-lobster.org/ • ENISA has started work in this area: – Examining the feasibility of a data collection framework • Unit A3 of ICT promotes the “Learning from Large-Scale Attacks on the Internet” • Individual projects/organizations in Europe provide some form of data/information (NoAH, WOMBAT, Arakis, Leurre.com, etc.) • BUT • We need to share more information/data Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  20. What needs to be done? An IST Project http://www.ist-lobster.org/ • Facilitate sharing of knowledge – facilitate sharing of data – Encourage Organizations to share attack-related data • Universities are usually willing to provide information but – they may need technical and legal advice before doing so – Help organizations exchange attack-related data • Create repositories for all data provided by individual organizations • Provide a legal framework for data sharing – Who can access the data, when and for which purposes Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  21. Summary An IST Project http://www.ist-lobster.org/ • Lots of attacks out there • Vulnerabilities are increasing – They are being traded in the black market • One out of four computers is compromised • Existing projects/initiatives/organizations provide attack- related information-data but – Most of them provide narrow viewpoints • We need to find a formula to broaden our point of view – And to share data and information • Large-scale attacks need large-scale viewpoints Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

  22. The LOBSTER project An IST Project http://www.ist-lobster.org/ Large Scale Attacks on the Internet Lessons learned from the LOBSTER project Evangelos Markatos Institute of Computer Science (ICS) Foundation for Research and Technology – Hellas (FORTH) Crete, Greece Learning from Large Scale Attacks on the Internet markatos@ics.forth.gr Policy Implications

Recommend

Lessons Learned from a Large-Scale Telco OSP+SDN Deployment Guil Barros, Sr. Pr. Product Manager

Lessons Learned from a Large-Scale Telco OSP+SDN Deployment Guil Barros, Sr. Pr. Product Manager

Lessons Learned from a Large-Scale Telco OSP+SDN Deployment Guil Barros, Sr. Pr. Product Manager OpenStack, Red Hat Vicken Krissian, Sr. Technical Project Manager, Red Hat Cyril Lopez, Sr. OpenStack Consultant, Red Hat Agenda Who we are

631 views • 20 slides
CoDef: Collaborative Defense against Large-Scale Link-Flooding Attacks Soo Bum Lee * , Min Suk

CoDef: Collaborative Defense against Large-Scale Link-Flooding Attacks Soo Bum Lee * , Min Suk

CoDef: Collaborative Defense against Large-Scale Link-Flooding Attacks Soo Bum Lee * , Min Suk Kang , Virgil D. Gligor CyLab, Carnegie Mellon University * Qualcomm Dec. 12, 2013 Large Scale Link-Flooding Attacks Massive DDoS attacks against

487 views • 27 slides
Workshop D Energy Savings Champions: Lessons Learned from Large-Scale School Lighting Upgrade

Workshop D Energy Savings Champions: Lessons Learned from Large-Scale School Lighting Upgrade

Workshop D Energy Savings Champions: Lessons Learned from Large-Scale School Lighting Upgrade Tuesday, February 18, 2020 10:45 a.m. to Noon Biographical Information Jeffrey A. Roe, Energy Manager & Environmental Health and Safety Manager

864 views • 57 slides
Microservices at Netflix Scale First Principles, Tradeoffs, Lessons Learned Ruslan Meshenberg

Microservices at Netflix Scale First Principles, Tradeoffs, Lessons Learned Ruslan Meshenberg

Microservices at Netflix Scale First Principles, Tradeoffs, Lessons Learned Ruslan Meshenberg @rusmeshenberg Microservices: all benefits, no costs? Netflix is the worlds leading Internet television network with over 81 million members in

1.01k views • 62 slides
Lessons Learned Lessons Learned From From Lessons Learned Lessons Learned From From

Lessons Learned Lessons Learned From From Lessons Learned Lessons Learned From From

Protg 2006, July 26th, Stanford I R I S A C 1 R E C Saint-Cyr Lessons Learned Lessons Learned From From Lessons Learned Lessons Learned From From Ontology Ontology Design Design Ontology Ontology Design Design Jean Andr B

371 views • 12 slides
1 <Insert Picture Here> C++, Java and .NET: Lessons learned from the Internet Age, and

1 <Insert Picture Here> C++, Java and .NET: Lessons learned from the Internet Age, and

1 <Insert Picture Here> C++, Java and .NET: Lessons learned from the Internet Age, and What it Means for the Cloud and Emerging Languages Cameron Purdy Vice President, Development Overview <Insert Picture Here> A retrospective of

656 views • 41 slides
Internet-scale Experimentation The challenges of large-scale networked system experimentation and

Internet-scale Experimentation The challenges of large-scale networked system experimentation and

Internet-scale Experimentation The challenges of large-scale networked system experimentation and measurements MIT Tech Review on The Loon Project The state of affairs An ever growing Internet ~3 billion people 15 billion devices

1.21k views • 107 slides
Migration From DB2 in a Large Public Setting: Lessons Learned Bal azs B ar any and

Migration From DB2 in a Large Public Setting: Lessons Learned Bal azs B ar any and

Migration From DB2 in a Large Public Setting: Lessons Learned Bal azs B ar any and Michael Banck PGConf.EU 2017 Introduction Federate state ministry in Germany Hosting by states central IT service centre Michael worked as

685 views • 21 slides
Scale-Up, Spread, and Sustainment of Tele-Collaborative Care: Lessons Learned from a

Scale-Up, Spread, and Sustainment of Tele-Collaborative Care: Lessons Learned from a

Scale-Up, Spread, and Sustainment of Tele-Collaborative Care: Lessons Learned from a Model-Guided, Mixed Methods Analysis Mark S. Bauer, MD VA Center for Healthcare Organization & Implementation Research (CHOIR) & the VA QUERI for

422 views • 17 slides
Internet Topology Generation for Large Scale BGP Simulation Jean-Michel Fourneau - Houssame

Internet Topology Generation for Large Scale BGP Simulation Jean-Michel Fourneau - Houssame

Internet Topology Generation for Large Scale BGP Simulation Jean-Michel Fourneau - Houssame Yahiaoui Outlook BGP: Border Gateway Protocol Large Scale Simulation: motivations Large Scale BGP Simulation Model Realistic Topologies

550 views • 17 slides
7 Lessons Learned Leading Internet Era Communities Zachary Rosen TWITTER:@ZACK EMAIL:

7 Lessons Learned Leading Internet Era Communities Zachary Rosen TWITTER:@ZACK EMAIL:

7 Lessons Learned Leading Internet Era Communities Zachary Rosen TWITTER:@ZACK EMAIL: ZACK@GETPANTHEON.COM MY QUICK STORY The Professional Website Platform IM A MISSIONARY, NOT A MERCENARY OUR MISSION Democratize the web. 7 LESSONS

573 views • 21 slides
C++, Java and .NET: Lessons learned from the Internet Age, and What it Means for the Cloud and

C++, Java and .NET: Lessons learned from the Internet Age, and What it Means for the Cloud and

<Insert Picture Here> C++, Java and .NET: Lessons learned from the Internet Age, and What it Means for the Cloud and Emerging Languages Cameron Purdy Vice President, Development Overview <Insert Picture Here> A retrospective of

532 views • 40 slides
INTERNET SERVICES 2110414 Large Scale Computing Systems Natawut Nupairoj, Ph.D. Outline 2

INTERNET SERVICES 2110414 Large Scale Computing Systems Natawut Nupairoj, Ph.D. Outline 2

2110414 - Large Scale Computing Systems 1 LARGE SCALE INTERNET SERVICES 2110414 Large Scale Computing Systems Natawut Nupairoj, Ph.D. Outline 2 Overview Background Knowledge Architectural Case Studies Real-World Case Study

609 views • 35 slides
Lessons Learned from Implementing a Web-Based Tool for Brief Alcohol Interventions in a Large

Lessons Learned from Implementing a Web-Based Tool for Brief Alcohol Interventions in a Large

Lessons Learned from Implementing a Web-Based Tool for Brief Alcohol Interventions in a Large Integrated Health Care System Ken Weingardt, Ph.D., Michael A. Cucciare, PhD Paula Wilbourne, PhD, John S. Baer, PhD Veterans Health Administration

418 views • 27 slides
RabbitMQ at Scale, Lessons Learned OpenStack Summit Barcelona Matthew Popow, Weiguo Sun, Wei

RabbitMQ at Scale, Lessons Learned OpenStack Summit Barcelona Matthew Popow, Weiguo Sun, Wei

RabbitMQ at Scale, Lessons Learned OpenStack Summit Barcelona Matthew Popow, Weiguo Sun, Wei Tie, Scott Pham, Kerry Miles @mattpopow October 26, 2016 Environment Details Overcloud / Undercloud 800+ Nova Compute Nodes, 700 Routers,

431 views • 31 slides
Evaluation of Amplification attacks in large-scale networks to improve detection performance

Evaluation of Amplification attacks in large-scale networks to improve detection performance

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Evaluation of Amplification attacks in large-scale networks to improve detection performance Michael Kpferl Interdisciplinary Project Final

517 views • 49 slides
Lessons Learned from Building a Large Multilingual, Multi-region Website in Drupal 8 Stella

Lessons Learned from Building a Large Multilingual, Multi-region Website in Drupal 8 Stella

Lessons Learned from Building a Large Multilingual, Multi-region Website in Drupal 8 Stella Power Photo credit: mumsabroad.com A bit about me Drupal hobbyist Founder of Annertech Backend developer

509 views • 38 slides
Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/

Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/

Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/ 1 Today's plan 0) Crash course on Tor 1) History of Tor censorship attempts 2) Attacks on low-latency anonymity 3) Tor performance

1.36k views • 101 slides
Building Large-Scale Internet Services Jeff Dean jeff@google.com Plan for Today Googles

Building Large-Scale Internet Services Jeff Dean jeff@google.com Plan for Today Googles

Building Large-Scale Internet Services Jeff Dean jeff@google.com Plan for Today Googles computational environment hardware system software stack & its evolution Techniques for building large-scale systems decomposition

1.27k views • 80 slides
Large Scale Simulation of Tor: Stream Mix Networks Low latency Networks Network Correlation

Large Scale Simulation of Tor: Stream Mix Networks Low latency Networks Network Correlation

Large Scale Simulation of Tor: Stream Correlation Attacks Gavin O Gorman Anonymous Networks Large Scale Simulation of Tor: Stream Mix Networks Low latency Networks Network Correlation Attacks Simulation Results Attacks Gavin O

328 views • 20 slides
Lessons Learned in Deploying the World's Largest Scale Lustre File System Presented by David

Lessons Learned in Deploying the World's Largest Scale Lustre File System Presented by David

Lessons Learned in Deploying the World's Largest Scale Lustre File System Presented by David Dillow Galen Shipman, David Dillow, Sarp Oral, Feiyi Wang, Douglas Fuller, Jason Hill, and Zhe Zhang 1 Brief overview of Spider 10 PB storage to

296 views • 17 slides
Large-Scale Electronic Voting Protocols Mike Carpenter Introduction What is meant by large-scale

Large-Scale Electronic Voting Protocols Mike Carpenter Introduction What is meant by large-scale

Large-Scale Electronic Voting Protocols Mike Carpenter Introduction What is meant by large-scale electronic voting protocol: Primarily Internet-based Users voting from their own devices (such as home PC/laptop) Aimed toward actual

721 views • 21 slides
Utilizing Large-Scale Randomized Response at Google: RAPPOR and its lessons lfar Erlingsson,

Utilizing Large-Scale Randomized Response at Google: RAPPOR and its lessons lfar Erlingsson,

Utilizing Large-Scale Randomized Response at Google: RAPPOR and its lessons lfar Erlingsson, Vasyl Pihur, Aleksandra Korolova, Steven Holte, Ananth Raghunathan , Giulia Fanti, Ilya Mironov, Andy Chu DIMACS Security and Privacy Workshop (April

833 views • 44 slides
Lessons from an Internet-Scale Notification System Atul Adya History End-client

Lessons from an Internet-Scale Notification System Atul Adya History End-client

Lessons from an Internet-Scale Notification System Atul Adya History End-client notification system Thialfi Presented at SOSP 2011 Since then: Scaled by several orders of magnitude Used by many more products and in

860 views • 46 slides

More recommend