network security attacks
play

Network Security: Attacks CS 161: Computer Security Prof. Vern Paxson - PowerPoint PPT Presentation

May 05, 2023 •102 likes •699 views

Network Security: Attacks CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca

  1. Network Security: Attacks CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca Portnoff, Nate Wang http://inst.eecs.berkeley.edu/~cs161 / March 9, 2017

  2. IP Packet Header (Continued) • Two IP addresses – Source IP address (32 bits in main IP version) – Destination IP address (32 bits, likewise) • Destination address – Unique identifier/locator for the receiving host – Allows each node to make forwarding decisions • Source address – Unique identifier/locator for the sending host – Recipient can decide whether to accept packet – Enables recipient to send reply back to source

  3. Postal Envelopes: (Post office doesn’t look at the letter inside the envelope)

  4. Analogy of IP to Postal Envelopes: IP source address IP destination address (Routers don’t look at the payload beyond the IP header)

  5. IP: “ Best Effort ” Packet Delivery • Routers inspect destination address, locate “ next hop ” in forwarding table – Address = ~unique identifier/locator for the receiving host • Only provides a “ I’ll give it a try ” delivery service: – Packets may be lost – Packets may be corrupted – Packets may be delivered out of order source destination IP network

  6. Threats Due to the Lower Layers

  7. Layers 1 & 2: General Threats? Framing and transmission of a collection of bits into individual messages sent across a 7 Application single “ subnetwork ” (one physical technology) 4 Transport 3 (Inter)Network 2 Link Encoding bits to send them over a single physical link 1 Physical e.g. patterns of voltage levels / photon intensities / RF modulation

  8. Physical/Link-Layer Threats: Eavesdropping • Also termed sniffing • For subnets using broadcast technologies (e.g., WiFi, some types of Ethernet), get it for “ free ” – Each attached system’s NIC (= Network Interface Card) can capture any communication on the subnet – Some handy tools for doing so o tcpdump (low-level ASCII printout)

  9. TCPDUMP: Packet Capture & ASCII Dumper 9

  10. Physical/Link-Layer Threats: Eavesdropping • Also termed sniffing • For subnets using broadcast technologies (e.g., WiFi, some types of Ethernet), get it for “ free ” – Each attached system’s NIC (= Network Interface Card) can capture any communication on the subnet – Some handy tools for doing so o tcpdump (low-level ASCII printout) o Wireshark (GUI for displaying 800+ protocols)

  11. Wireshark: GUI for Packet Capture/Exam. 11

  12. Wireshark: GUI for Packet Capture/Exam. 12

  13. Wireshark: GUI for Packet Capture/Exam. 13

  14. Physical/Link-Layer Threats: Eavesdropping • Also termed sniffing • For subnets using broadcast technologies (e.g., WiFi, some types of Ethernet), get it for “ free ” – Each attached system’s NIC (= Network Interface Card) can capture any communication on the subnet – Some handy tools for doing so o tcpdump (low-level ASCII printout) o Wireshark (GUI for displaying 800+ protocols) o Bro (scriptable real-time network analysis; see bro.org ) • For any technology, routers (and internal “ switches ” ) can look at / export traffic they forward • You can also “ tap ” a link – Insert a device to mirror the physical signal

  16. Physical/Link-Layer Threats: Eavesdropping • Also termed sniffing • For subnets using broadcast technologies (e.g., WiFi, some types of Ethernet), get it for “ free ” – Each attached system’s NIC (= Network Interface Card) can capture any communication on the subnet – Some handy tools for doing so o tcpdump (low-level ASCII printout) o Wireshark (GUI for displaying 800+ protocols) o Bro (scriptable real-time network analysis) • For any technology, routers (and internal “ switches ” ) can look at / export traffic they forward • You can also “ tap ” a link – Insert a device to mirror the physical signal – Or: just steal it!

  17. Stealing Photons

  18. Protec1ng Against Eavesdropping in the Coffee Shop

  19. 1. Join the wireless network If either match up, your laptop joins the network. Op;onally performs a cryptographic exchange.

  20. 1. Join the wireless network If either match up, your laptop joins the network. Op1onally performs a cryptographic exchange.

  21. 1. Join the wireless network If either match up, your laptop joins the network. Op1onally performs a cryptographic exchange. Most commonly today, that is done using WPA2.

  22. Password: $secret! KeyCounter KeyCounter (and other stuff) (and other stuff) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  23. SSID Password: $secret! KeyCounter (and other stuff) Both your laptop and the AP now compute: K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  24. This func;on Password: $secret! KeyCounter (and other stuff) Both your laptop and the AP now compute: K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  25. This func;on computes this many itera;ons Password: $secret! KeyCounter (and other stuff) Both your laptop and the AP now compute: K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  26. This func;on computes this many itera;ons of this func;on Password: $secret! KeyCounter (and other stuff) Both your laptop and the AP now compute: K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  27. This func;on computes this many itera;ons of this func;on using this as the MAC key Password: $secret! KeyCounter (and other stuff) Both your laptop and the AP now compute: K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  28. This func;on computes this many itera;ons of this func;on using this as the MAC key and the XOR of these as the ini;al input. Password: $secret! KeyCounter (and other stuff) Both your laptop and the AP now compute: K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  29. This func;on computes this many itera;ons of this func;on using this as the MAC key and the XOR of these as the ini;al input. Each subsequent itera;on takes the output of the previous computa;on as Password: $secret! its input. KeyCounter (and other stuff) Both your laptop and the AP now compute: K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  30. Now your laptop and the AP have derived a shared secret. K K Password: $secret! KeyCounter (and other stuff) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  31. Eve Eve a5acks! K K Password: $Secret! KeyCounter (and other stuff) K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  32. Eve Since the password is never exposed, if Eve doesn’t know it, the best she can do is a dic1onary aFack to try to guess it. K K Password: $secret! KeyCounter (and other stuff) K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  33. Eve Since the password is never exposed, if Eve doesn’t know it, the best she can do is a dic1onary aFack to try to guess it . K This goes slowly due to the 1000s of HMAC itera;ons. K Password: $secret! KeyCounter (and other stuff) K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  34. Eve BUT: if Eve ponies up $2.25 for a cup of coffee and gets the password to the local net … K K Password: $secret! KeyCounter (and other stuff) K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  35. K Eve BUT: if Eve ponies up $2.25 for a cup of coffee and gets the password to the local net … then she knows both of these! K K Password: $secret! KeyCounter (and other stuff) K = F(HMAC-SHA1, “$secret!", “ATT192”, KeyCounter , 4096) KeyCounter WPA2, common form (“Personal”; simplified) (and other stuff)

  36. WPA2, actually-secure-but-inconvenient form(“Enterprise”; simplified)

  37. Your laptop is preconfigured with a cert for an Authen1ca1on Server . a { Auth : : A } K -1 CA Auth WPA2, actually-secure-but-inconvenient form(“Enterprise”; simplified)

  38. You establish a secure connec;on via the AP to the Authen;ca;on Server using TLS. a { Auth : : A } K -1 CA Auth WPA2, actually-secure-but-inconvenient form(“Enterprise”; simplified)

  39. You then transmit your authen;ca;on info (username/password, or your own cert) to the server User=Alice, Password= ReallyHard2Gue$$ a { Auth : : A } K -1 CA Auth WPA2, actually-secure-but-inconvenient form(“Enterprise”; simplified)

Recommend

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to penetrate a network by using wireless or evading WLAN access control measures, like AP MAC filters and 802.1X port access controls. Type of Attack

184 views • 7 slides
CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan

CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan

CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan UCSD Fall 2019 Some material from Stefan Savage, David Wagner, and Nick Weaver Threat Modeling for Network Attacks Basic security goals:

804 views • 31 slides
Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu

Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu

Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu Materials adopted from Prof. David Wagner 2019 General Communication Security Goals: CIA Confidentiality: No one can read our data / communication

876 views • 60 slides
CSE 127: Introduction to Security Lecture 10: Network Attacks Deian Stefan UCSD Winter 2020

CSE 127: Introduction to Security Lecture 10: Network Attacks Deian Stefan UCSD Winter 2020

CSE 127: Introduction to Security Lecture 10: Network Attacks Deian Stefan UCSD Winter 2020 Material from Nadia Heninger, Stefan Savage, David Wagner, and Nick Weaver Threat Modeling for Network Attacks Basic security goals:

585 views • 36 slides
CSE 127: Introduction to Security Lecture 13: Network Attacks Deian Stefan UCSD Fall 2020

CSE 127: Introduction to Security Lecture 13: Network Attacks Deian Stefan UCSD Fall 2020

CSE 127: Introduction to Security Lecture 13: Network Attacks Deian Stefan UCSD Fall 2020 Material from Nadia Heninger, Stefan Savage, David Wagner, and Nick Weaver Threat modeling for network attacks Basic security goals:

1.11k views • 39 slides
Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Network Security Model Header attacks Protocol Attacks

597 views • 25 slides
Overview Network and Server Goal of Security Control Attacks and Penetration Phases of

Overview Network and Server Goal of Security Control Attacks and Penetration Phases of

Overview Network and Server Goal of Security Control Attacks and Penetration Phases of Control Methods of Taking Control Common Points of Attack Multifront Attacks Chapter 12 Auditing to Recognize Attacks Malicious

535 views • 7 slides
TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview

TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview

TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview Last time Today TCP/IP Attacks IP Sniffing Ethernet Spoofing ARP Hijacking (ARP) Tools/libraries Libnet,

729 views • 37 slides
What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 3 Network Protocol Attacks Roadmap Network security The basic objectives: CIA

1.68k views • 39 slides
Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J. Antonelli The University of Michigan 2012 Hands-On Network Security Module 3 Network Protocol Attacks Roadmap Network security The

502 views • 39 slides
Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 17: Network

Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 17: Network

Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 17: Network Security Chapter 17: 2 Agenda Net adversary TCP attacks DNS attacks Firewalls Intrusion detection Honeypots Chapter 17: 3

792 views • 62 slides
Network Attacks CS 334 - Computer Security Once again thanks to Vern Paxson and David Wagner 1

Network Attacks CS 334 - Computer Security Once again thanks to Vern Paxson and David Wagner 1

Network Attacks CS 334 - Computer Security Once again thanks to Vern Paxson and David Wagner 1 Layers 1 & 2: General Threats? Framing and transmission of a collection of bits into individual messages sent across a single subnetwork

809 views • 54 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

CMPS122: COMPUTER SECURITY NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3 due tonight NETWORKING ATTACKS LAST TIME TCP/IP networking stack Physical layer Data link layer Network

1.1k views • 61 slides
Computer and Network Security: Network Attacks Kameswari Chebrolu All the figures used as part

Computer and Network Security: Network Attacks Kameswari Chebrolu All the figures used as part

Computer and Network Security: Network Attacks Kameswari Chebrolu All the figures used as part of the slides are either self created or from the public domain with either 'creative commons' or 'public domain dedication' licensing. The public

914 views • 26 slides
CPSC410/611: Security Security Security Attacks Security Threats Crypto

CPSC410/611: Security Security Security Attacks Security Threats Crypto

CPSC 410 / 611 : Operating Systems CPSC410/611: Security Security Security Attacks Security Threats Crypto Authentication Examples SSL Security Threats Breach of confidentiality unauthorized access to

458 views • 18 slides
Network Attacks CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John

Network Attacks CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John

Network Attacks CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John Bethencourt, Erika Chin, Matthew Finifter, Cynthia Sturton, Joel Weinberger http://inst.eecs.berkeley.edu/~cs161/ Feb 10, 2010 1 Announcements / Game

402 views • 17 slides
Network Security Computer Security Peter Reiher November 4, 2014 Lecture 9 Page 1 CS 136,

Network Security Computer Security Peter Reiher November 4, 2014 Lecture 9 Page 1 CS 136,

Network Security Computer Security Peter Reiher November 4, 2014 Lecture 9 Page 1 CS 136, Fall 2014 Outline Network security characteristics and threats Denial of service attacks Traffic control mechanisms Firewalls

797 views • 67 slides
Network Attacks Review & Denial-of-Service (DoS) CS 161: Computer Security Prof. Vern Paxson

Network Attacks Review & Denial-of-Service (DoS) CS 161: Computer Security Prof. Vern Paxson

Network Attacks Review & Denial-of-Service (DoS) CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ February 15, 2011 Goals For Today Review

825 views • 53 slides
Webapp security: SQL injection Network Security Lecture 9 Today We have finished analyzing

Webapp security: SQL injection Network Security Lecture 9 Today We have finished analyzing

Webapp security: SQL injection Network Security Lecture 9 Today We have finished analyzing the security of network protocols We will now focus on web applications and their vulnerabilities (and attacks) SQL injection Eike Ritter

815 views • 25 slides
Network Attacks & Control CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen,

Network Attacks & Control CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen,

Network Attacks & Control CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca

538 views • 36 slides
Network Attacks, Part 1 CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Network Attacks, Part 1 CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Network Attacks, Part 1 CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ February 3, 2011 1 Announcements / Game Plan Homework #1 out now, due

433 views • 24 slides
Network Attacks, Part 1 CS 161: Computer Security Prof. Vern Paxson TAs: Jethro Beekman, Mobin

Network Attacks, Part 1 CS 161: Computer Security Prof. Vern Paxson TAs: Jethro Beekman, Mobin

Network Attacks, Part 1 CS 161: Computer Security Prof. Vern Paxson TAs: Jethro Beekman, Mobin Javed, Antonio Lupher, Paul Pearce & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ February 7, 2013 Announcements / Game Plan

959 views • 42 slides

More recommend