network attacks con t
play

Network Attacks, Cont CS 161: Computer Security Prof. Vern Paxson - PowerPoint PPT Presentation

Oct 01, 2023 •125 likes •699 views

Network Attacks, Cont CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca

  1. Network Attacks, Con’t CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca Portnoff, Nate Wang http://inst.eecs.berkeley.edu/~cs161 / March 14, 2017

  2. The Transport Layer: TCP

  3. “ Best Effort ” is Lame! What to do? • It’s the job of our Transport (layer 4) protocols to build data delivery services that our apps need out of IP’s modest layer-3 service

  4. Layer 4: Transport Layer End-to-end communication between processes 7 Application Different services provided: TCP = reliable byte stream 4 Transport UDP = unreliable datagrams 3 (Inter)Network ( Datagram = single packet message) 2 Link 1 Physical

  5. “ Best Effort ” is Lame! What to do? • It’s the job of our Transport (layer 4) protocols to build data delivery services that our apps need out of IP’s modest layer-3 service • #1 workhorse: TCP ( Transmission Control Protocol ) • Service provided by TCP: – Connection oriented (explicit set-up / tear-down) o End hosts (processes) can have multiple concurrent long-lived communication – Reliable , in-order, byte-stream delivery o Robust detection & retransmission of lost data

  6. TCP “ Bytestream ” Service Process A on host H1 Byte 0 Byte 1 Byte 2 Byte 3 Byte 80 Processes don’t ever see packet boundaries, lost or corrupted packets, retransmissions, etc. Process B on host H2 Byte 0 Byte 1 Byte 2 Byte 3 Byte 80

  7. Bidirectional communication: Process B on host H2 Byte 0 Byte 1 Byte 2 Byte 3 Byte 73 There are two separate bytestreams , one in each direction Process A on host H1 Byte 0 Byte 1 Byte 2 Byte 3 Byte 73

  8. (Link Layer Header) TCP Header (IP Header) Source port Destination port Sequence number Acknowledgment HdrLen Advertised window Flags 0 Checksum Urgent pointer Options (variable) Data …

  9. (Link Layer Header) TCP Header (IP Header) Ports are Source port Destination port associated with OS Sequence number processes Acknowledgment HdrLen Advertised window Flags 0 Checksum Urgent pointer Options (variable) Data …

  10. (Link Layer Header) TCP Header (IP Header) Ports are Source port Destination port associated with OS Sequence number processes Acknowledgment IP source & destination HdrLen Advertised window Flags 0 addresses plus TCP source and destination Checksum Urgent pointer ports uniquely identifies a (bidirectional) TCP Options (variable) connection Data …

  11. 4. Connect to google.com server Ti Ti e Res gateway 216.97.19.132 ti e In ti e In tf tf router resolver Suppose our browser used port 23144 for our connection, and Google’s server used 443 . 172.217.6.78 Then our connection will be fully specified by the single tuple < 216.97.19.132 , 23144 , 172.217.6.78 , 443 >

  12. TCP Header Ports are Source port Destination port associated with OS Sequence number processes Acknowledgment IP source & destination HdrLen Advertised window Flags 0 addresses plus TCP source and destination Checksum Urgent pointer ports uniquely identifies a (bidirectional) TCP Options (variable) connection Some port numbers are Data … “ well known ” e.g. port 443 = HTTPS

  13. TCP Header Source port Destination port Starting sequence Sequence number number (byte offset) of data Acknowledgment carried in this HdrLen Advertised window Flags 0 “segment” Checksum Urgent pointer Options (variable) Data …

  14. TCP Header Source port Destination port Starting sequence Sequence number number (byte offset) of data Acknowledgment carried in this HdrLen Advertised window Flags 0 “segment” Checksum Urgent pointer Byte streams Options (variable) numbered independently in each direction Data …

  15. TCP Header Source port Destination port Starting sequence Sequence number number (byte offset) of data Acknowledgment carried in this HdrLen Advertised window Flags 0 “segment” Checksum Urgent pointer Byte streams Options (variable) numbered independently in each direction Data … Sequence number assigned to start of byte stream is picked when connection begins; doesn’t start at 0

  16. TCP Header Source port Destination port Sequence number Acknowledgment gives seq # just Acknowledgment beyond highest seq. received in order . HdrLen Advertised window Flags 0 Checksum Urgent pointer If sender successfully sends N bytestream Options (variable) bytes starting at seq S then “ ack ” for that Data … will be S+N .

  17. Sequence Numbers Host A ISN (initial sequence number) Sequence ACK sequence TCP TCP Data HDR number from A number from B = 1 st byte of = next data expected byte TCP TCP Data HDR Host B

  18. TCP Header Source port Destination port Sequence number Uses include: Acknowledgment acknowledging data ( “ ACK ” ) HdrLen Advertised window Flags 0 Checksum Urgent pointer setting up ( “ SYN ” ) and closing Options (variable) connections ( “ FIN ” and “ RST ” ) Data …

  19. Establishing a TCP Connection B A • Three-way handshake to establish connection

  20. Establishing a TCP Connection B A Each host tells its Initial Sequence Number (ISN) to the other host. (Spec says to pick based on a clock) • Three-way handshake to establish connection

  21. Establishing a TCP Connection B A SYN Each host tells its Initial Sequence Number (ISN) to the other host. (Spec says to pick based on a clock) • Three-way handshake to establish connection – Host A sends a SYN (open; “synchronize sequence numbers”) to host B

  22. Establishing a TCP Connection B A SYN Each host tells its Initial Sequence Number SYN+ACK (ISN) to the other host. (Spec says to pick based on a clock) • Three-way handshake to establish connection – Host A sends a SYN (open; “synchronize sequence numbers”) to host B – Host B returns a SYN acknowledgment ( SYN + ACK )

  23. Establishing a TCP Connection B A SYN Each host tells its Initial Sequence Number SYN+ACK (ISN) to the other host. ACK (Spec says to pick based on a clock) • Three-way handshake to establish connection – Host A sends a SYN (open; “synchronize sequence numbers”) to host B – Host B returns a SYN acknowledgment ( SYN + ACK ) – Host A sends an ACK to acknowledge the SYN + ACK

  24. Establishing a TCP Connection B A SYN Each host tells its Initial Sequence Number SYN+ACK (ISN) to the other host. ACK (Spec says to pick based D a t on a clock) a D a t a • Three-way handshake to establish connection – Host A sends a SYN (open; “synchronize sequence numbers”) to host B – Host B returns a SYN acknowledgment ( SYN + ACK ) – Host A sends an ACK to acknowledge the SYN + ACK

  25. Timing Diagram: 3-Way Handshaking Passive Different starting Open initial sequence Active numbers (ISNs) in Server Open each direction listen() Client (initiator) connect() SYN, SeqNum = x 1 + x = k c A , y = m u N q e S K , C A + N Y S ACK, SeqNum = x + 1, Ack = y + 1 accept()

  26. TCP Conn. Setup & Data Exchange Client (initiator) Server IP address 1.2.1.2, port 3344 IP address 9.8.7.6, port 80 S r c A = 1 . 2 . 1 . 2 , S r c D P s = 3 t A 3 = 4 9 4 . 8 , . 7 . 6 , D s t P = 8 0 , S Y N , S e q = x SrcA=9.8.7.6, SrcP=80, DstA=1.2.1.2, DstP=3344, SYN+ACK, Seq = y, Ack = x+1 S r c A = 1 . 2 . 1 . 2 , S r D c s P t A = 3 = 3 9 4 . 8 4 . , 7 . 6 , D s t P = 8 0 , A C K , A c k = y + 1 S r c A = 1 . 2 . 1 . 2 , S r c P = 3 3 A 4 C 4 , D K s , S t e A q = = 9 . x 8 + . 7 1 , . 6 A , c D k s = t P y = + 8 1 0 , , D a t a = “ “ G E T / l o g i n . h t m l SrcA=9.8.7.6, SrcP=80, DstA=1.2.1.2, DstP=3344, ACK, Seq = y+1, Ack = x+16, Data= “ 200 OK … <html> … ”

  27. TCP Threat: Disruption • Normally, TCP finishes ( “ closes ” ) a connection by each side sending a FIN control message – Reliably delivered, since other side must ack • But: if a TCP endpoint finds unable to continue (process dies; info from other “ peer ” is inconsistent), it abruptly terminates by sending a RST control message – Unilateral – Takes effect immediately (no ack needed) – Only accepted by peer if has correct* sequence number 27

  28. Source port Destination port Sequence number Acknowledgment HdrLen Advertised window Flags 0 Checksum Urgent pointer Options (variable) Data …

  29. Source port Destination port Sequence number Acknowledgment RST HdrLen Advertised window 0 Checksum Urgent pointer Options (variable)

  30. Abrupt Termination X B ACK SYN ACK SYN A T a t S C a R D K A time • A sends a TCP packet with RESET ( RST ) flag to B – E.g., because app. process on A crashed – (Could instead be that B sends a RST to A) • Assuming that the sequence numbers in the RST fit with what B expects, That’s It: – B’s user-level process receives: ECONNRESET – No further communication on connection is possible

Recommend

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to penetrate a network by using wireless or evading WLAN access control measures, like AP MAC filters and 802.1X port access controls. Type of Attack

184 views • 7 slides
Successive Network Coding (SNC): A Mitigating Mechanism Against Eavesdropping Attacks In Network

Successive Network Coding (SNC): A Mitigating Mechanism Against Eavesdropping Attacks In Network

Successive Network Coding (SNC): A Mitigating Mechanism Against Eavesdropping Attacks In Network Coding Based Systems Vahid N. Talooki, University of Aveiro, Portugal Network Coding (NC) allows intermediate nodes not only to store and forward

307 views • 4 slides
NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

CMPS122: COMPUTER SECURITY NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3 due tonight NETWORKING ATTACKS LAST TIME TCP/IP networking stack Physical layer Data link layer Network

1.1k views • 61 slides
Overview Network and Server Goal of Security Control Attacks and Penetration Phases of

Overview Network and Server Goal of Security Control Attacks and Penetration Phases of

Overview Network and Server Goal of Security Control Attacks and Penetration Phases of Control Methods of Taking Control Common Points of Attack Multifront Attacks Chapter 12 Auditing to Recognize Attacks Malicious

535 views • 7 slides
Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu

Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu

Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu Materials adopted from Prof. David Wagner 2019 General Communication Security Goals: CIA Confidentiality: No one can read our data / communication

876 views • 60 slides
CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan

CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan

CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan UCSD Fall 2019 Some material from Stefan Savage, David Wagner, and Nick Weaver Threat Modeling for Network Attacks Basic security goals:

804 views • 31 slides
Network Threats &amp; Attacks 1 Internet Structure backbone ISP local network Internet

Network Threats &amp; Attacks 1 Internet Structure backbone ISP local network Internet

CS 134 Winter 2018 Lecture 16 Network Threats &amp; Attacks 1 Internet Structure backbone ISP local network Internet service Autonomous system (AS) is a provider (ISP) collection of IP networks under control local network of a single

769 views • 54 slides
CSE 127: Introduction to Security Lecture 13: Network Attacks Deian Stefan UCSD Fall 2020

CSE 127: Introduction to Security Lecture 13: Network Attacks Deian Stefan UCSD Fall 2020

CSE 127: Introduction to Security Lecture 13: Network Attacks Deian Stefan UCSD Fall 2020 Material from Nadia Heninger, Stefan Savage, David Wagner, and Nick Weaver Threat modeling for network attacks Basic security goals:

1.11k views • 39 slides
CSE 127: Introduction to Security Lecture 10: Network Attacks Deian Stefan UCSD Winter 2020

CSE 127: Introduction to Security Lecture 10: Network Attacks Deian Stefan UCSD Winter 2020

CSE 127: Introduction to Security Lecture 10: Network Attacks Deian Stefan UCSD Winter 2020 Material from Nadia Heninger, Stefan Savage, David Wagner, and Nick Weaver Threat Modeling for Network Attacks Basic security goals:

585 views • 36 slides
Network/Internet Threats/Attacks 1 Internet Structure backbone ISP local network Internet

Network/Internet Threats/Attacks 1 Internet Structure backbone ISP local network Internet

Lecture 17 CS 134 Spring 2019 Network/Internet Threats/Attacks 1 Internet Structure backbone ISP local network Internet service Autonomous system (AS) is a provider (ISP) local network collection of IP networks under control of a

643 views • 25 slides
Attacks in SDN Domains Kostas Giotis , Maria Apostolaki, Vasilis Maglaris IEEE/IFIP Network

Attacks in SDN Domains Kostas Giotis , Maria Apostolaki, Vasilis Maglaris IEEE/IFIP Network

NATIONAL TECHNICAL UNIVERSITY OF ATHENS - NTUA SCHOOL OF ELECTRICAL &amp; COMPUTER ENGINEERING NETWORK MANAGEMENT &amp; OPTIMAL DESIGN LABORATORY (NETMODE) A Reputation-based Collaborative Schema for the Mitigation of Distributed Attacks in SDN

631 views • 9 slides
TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview

TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview

TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview Last time Today TCP/IP Attacks IP Sniffing Ethernet Spoofing ARP Hijacking (ARP) Tools/libraries Libnet,

729 views • 37 slides
Mitigating Sybil Attacks on the I2P Network Using Blockchain RP #97, Kotaiba Alachkar &amp; Dirk

Mitigating Sybil Attacks on the I2P Network Using Blockchain RP #97, Kotaiba Alachkar &amp; Dirk

Mitigating Sybil Attacks on the I2P Network Using Blockchain RP #97, Kotaiba Alachkar &amp; Dirk Gaastra Supervisor: Vincent Van Mieghem, Deloitte 3 July, 2018 MSc Security and Network Engineering University of Amsterdam Introduction I2P -

720 views • 37 slides
Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Network Security Model Header attacks Protocol Attacks

597 views • 25 slides
Backbone Infrastructure Attacks and Protections draft-savola-rtgwg-backbone-attacks-01.txt Pekka

Backbone Infrastructure Attacks and Protections draft-savola-rtgwg-backbone-attacks-01.txt Pekka

Backbone Infrastructure Attacks and Protections draft-savola-rtgwg-backbone-attacks-01.txt Pekka Savola Introduction Describes a view of ISP backbone network attacks Lots of folks in IETF and elsewhere had quite different ideas whats out

529 views • 9 slides
Network Forensics and Next Generation Internet Attacks Moderated by: Moheeb Rajab Background

Network Forensics and Next Generation Internet Attacks Moderated by: Moheeb Rajab Background

Network Forensics and Next Generation Internet Attacks Moderated by: Moheeb Rajab Background singers: Jay and Fabian 1 Agenda Questions and Critique of Timezones paper Extensions Network Monitoring (recap) Post-Mortem Analysis

666 views • 40 slides
Reliably Determining the Outcome Reliably Determining the Outcome of Computer Network Attacks of

Reliably Determining the Outcome Reliably Determining the Outcome of Computer Network Attacks of

Reliably Determining the Outcome Reliably Determining the Outcome of Computer Network Attacks of Computer Network Attacks th Annual FIRST Conference 18 th Annual FIRST Conference 18 Capt David Chaboya Dr Richard Raines, Dr Rusty Baldwin, Dr

447 views • 34 slides
Introdution to Physical Cryptanalysis ASK 2014 Victor LOMNE ANSSI (French Network and Information

Introdution to Physical Cryptanalysis ASK 2014 Victor LOMNE ANSSI (French Network and Information

Introdution to Physical Cryptanalysis ASK 2014 Victor LOMNE ANSSI (French Network and Information Security Agency) Saturday, December 20 th , 2014 Introduction| Side Channel Attacks (SCA)| Fault Attacks (FA)| Combined Attacks| Protections|

817 views • 71 slides
A LERTING Daniel Romo Niels van Dijkhuizen BACKGROUND DDoS attacks are commonly seen in

A LERTING Daniel Romo Niels van Dijkhuizen BACKGROUND DDoS attacks are commonly seen in

DD O S D ETECTION AND A LERTING Daniel Romo Niels van Dijkhuizen BACKGROUND DDoS attacks are commonly seen in the SURFnet network Mostly flooding attacks Customers are heavily affected and complain These attacks are cheap and

767 views • 17 slides
Computer and Network Security: Network Attacks Kameswari Chebrolu All the figures used as part

Computer and Network Security: Network Attacks Kameswari Chebrolu All the figures used as part

Computer and Network Security: Network Attacks Kameswari Chebrolu All the figures used as part of the slides are either self created or from the public domain with either 'creative commons' or 'public domain dedication' licensing. The public

914 views • 26 slides
CSCI 8260 S16 Computer Network Attacks and Defenses Overview of research topics in computer

CSCI 8260 S16 Computer Network Attacks and Defenses Overview of research topics in computer

CSCI 8260 S16 Computer Network Attacks and Defenses Overview of research topics in computer and network security Instructor: Prof. Roberto Perdisci Fundamental Components l Confidentiality l concealment/secrecy of information often

642 views • 37 slides
Preventing and detecting network attacks Harald Vranken 1 About me Open University &amp;

Preventing and detecting network attacks Harald Vranken 1 About me Open University &amp;

Advanced Network Security (2019-2020) Preventing and detecting network attacks Harald Vranken 1 About me Open University &amp; Radboud University Office: Mercator I, room 2.16 (Friday) Email: harald.vranken@ou.nl Skype: harald.vranken

1.11k views • 62 slides
Network Attacks CS 334 - Computer Security Once again thanks to Vern Paxson and David Wagner 1

Network Attacks CS 334 - Computer Security Once again thanks to Vern Paxson and David Wagner 1

Network Attacks CS 334 - Computer Security Once again thanks to Vern Paxson and David Wagner 1 Layers 1 &amp; 2: General Threats? Framing and transmission of a collection of bits into individual messages sent across a single subnetwork

809 views • 54 slides
Design and Implementation of an Espionage Network for Cache- based Side Channel Attacks on AES

Design and Implementation of an Espionage Network for Cache- based Side Channel Attacks on AES

Design and Implementation of an Espionage Network for Cache- based Side Channel Attacks on AES Bholanath Roy Research Scholar Advanced Encryption Standard(AES) Design of an Espionage Network : Attack Architecture Espionage Infrastructure

435 views • 4 slides

More recommend