Video Converter
Audio Converter
Image Converter
PDF Converter
File Compressor
the dynamics and control of internet attacks

The Dynamics and Control of Internet Attacks James G. Garnett Liz - PowerPoint PPT Presentation

Sep 23, 2022 •8 likes •361 views

The Dynamics and Control of Internet Attacks James G. Garnett Liz Bradley University of Colorado Department of Computer Science (JGG now at Secure64) 1 Internet fundamentals, part I Design assumes that users are good citizens and that

  1. The Dynamics and Control of Internet Attacks James G. Garnett Liz Bradley University of Colorado Department of Computer Science (JGG now at Secure64) 1

  2. Internet fundamentals, part I • Design assumes that users are good citizens and that hosts don’t move around • No screening, address verification, … • Source of many current woes 2

  3. “Malware” • popups • spam • worms, viruses • botnets • spoofing • sniffers • direct attacks • denial-of-service (DoS) attacks • … 3

  4. Solutions • popups: good browser design & hygiene • spam: spam filters • worms, viruses: anti-virus software • botnets: anti-virus software • spoofing: authentication • sniffers: cryptography, anti-virus software • direct attacks: firewalls • denial-of-service (DoS) attacks: this talk 4

  5. Internet fundamentals, part II: • Design assumes that data can get lost • So retransmission is built into its protocols • Which means that it’s OK to drop resource requests • The trick is to drop as few of them as possible to keep the resource unclogged. 5

  6. Internet fundamentals, part III: • The “black hats” observe the defenses and adapt • Rapid co-evolution • So any kind of static response won’t work • Have to respond adaptively… 6

  7. • Build an adaptive stochastic model of resource usage • Use a nonlinear model-reference PID controller to screen resource requests 7

  8. What computer systems typically do to handle overload: • Set hard limits (e.g., drop-tail queue mgmt) • Control average demand • Use ad hoc linear proportional closed-loop controllers (at best) 8

  9. The model: Birth/Death Markov chain 1-p-q 1-p-q p p q p 0 1 n-1 n q q • Well known, widely used, and broadly applicable • State ranges from 0 to n • Edges denote possible state transitions • Edges are annotated with transition probabilities 9

  10. Stationary distributions of the BD chain: Key point: can calculate the distribution shape from p and q 10

  11. What if you wanted a different distribution? Key point: can calculate what p and q would give rise to this shape Control strategy: Calculate desired p, q • Estimate actual p, q • 11 Gatekeep on the difference •

  12. Controller architecture: 1.00 – p d /p in Resource Requests Resource Π Manager p in p d Admission Desired Request Input Empirical Distribution Filter Controller Calculator β q Service Filter Ratio Reference Distribution Table β β− 1 R( β ) n Nonlinear Σ PID Controller Transform ε n-1 n 12 Serviced Resource Requests

  13. System under control 1.00 – p d /p in Resource Requests Resource Π Manager p in p d Admission Desired Request Input Empirical Distribution Filter Controller Calculator β q Service Filter Ratio Reference Distribution Table β β− 1 R( β ) n Nonlinear Σ PID Controller Transform ε n-1 n 13 Serviced Resource Requests

  14. Reference distribution: Q(i) 1.00 – p d /p in Resource Requests Resource Π Manager p in p d Admission Desired Request Input Empirical Distribution Filter Controller Calculator β q Service Filter Ratio Reference Distribution Table β β− 1 R( β ) n Nonlinear Σ PID Controller Transform ε n-1 n 14 Serviced Resource Requests

  15. Q(i): The control goal specification 15

  16. Reference distribution: Q(i) 1.00 – p d /p in Resource Requests Resource Π Manager p in p d Admission Desired Request Input Empirical Distribution Filter Controller Calculator β q Service Filter Ratio Reference Distribution Table β β− 1 R( β ) n Nonlinear Σ PID Controller Transform ε n-1 n 16 Serviced Resource Requests

  17. Calculate transition ratios: Q(i+1)/Q(i) 1.00 – p d /p in Resource Requests Resource Π Manager p in p d Admission Desired Request Input Empirical Distribution Filter Controller Calculator β q Service Filter Ratio Reference Distribution Table β β− 1 R( β ) n Nonlinear Σ PID Controller Transform ε n-1 n 17 Serviced Resource Requests

  18. Estimate transition probabilities: Incoming Resource 1.00 – p d /p in Requests Resource Π Manager p in p d Admission Desired Request Input Empirical Distribution Filter Controller Calculator β q Service Filter Ratio Reference Distribution Table β β− 1 R( β ) n Nonlinear Σ PID Controller Transform ε n-1 n 18 Serviced Resource Requests

  19. Calculate desired p d and drop resource requests accordingly: 1.00 – p d /p in Resource Requests Resource Π Manager p in p d Admission Desired Request Input Empirical Distribution Filter Controller Calculator β q Service Filter Ratio Reference Distribution Table β β− 1 R( β ) n Nonlinear Σ PID Controller Transform ε n-1 n 19 Serviced Resource Requests

  20. Model-reference feedback control loop: Model 1.00 – p d /p in Resource Requests Resource Π Manager p in p d Admission Desired Request Input Empirical Distribution Controller Filter Calculator β q Service Filter Ratio Reference Distribution Table β β− 1 R( β ) n Nonlinear Σ PID Controller Transform ε n-1 n 20 Serviced Resource Requests

  21. What if R( β -1) is incorrect? QoS spec 21

  22. That second feedback loop adjusts it: 1.00 – p d /p in Resource Requests Resource Π Manager p in p d Admission Desired Request Input Empirical Distribution Filter Controller Calculator β q Service Filter Ratio Reference Distribution Table β β− 1 R( β ) n Nonlinear Σ PID Controller Transform ε n-1 n 22 Serviced Resource Requests

  23. Nonlinear transform accelerates convergence: 1.00 – p d /p in Resource Requests Resource Π Manager p in p d Admission Desired Request Input Empirical Distribution Filter Controller Calculator β q Service Filter Ratio Reference Distribution Table β β− 1 R( β ) n Nonlinear Σ PID Controller Transform ε n-1 n 23 Serviced Resource Requests

  24. Denial of Service (DoS) example: Attacker Victim Bystander 1 2 • identical unix machines • 10 Mb/sec networks • NB: single s/w manager in victim handles all incoming traffic 24

  25. Without control: Attacker Victim Bystander 1 2 96.9% packet loss 97.0% packet loss 25

  26. With control: Attacker Victim Bystander 1 2 93.4% loss 0.0% loss 26

  27. Results: • It works. • It converges fairly quickly (1-3 sec in our tests). • It’s lightweight: – Small amount of code (~100 lines of C) – Low computational and memory overhead • |Q| subtracts are primary computational load; runs in µ sec • 128 bytes per controller for state information – Advantages of RED, without RED’s disadvantages (this is the IETF’s standard for congestion control) 27

  28. Half a dozen equations, really… 1.00 – p d /p in Resource Requests Resource Π Manager p in p d Admission Desired Request Input Empirical Distribution Filter Controller Calculator β q Service Filter Ratio Reference Distribution Table β β− 1 R( β ) n Nonlinear Σ PID Controller Transform ε n-1 n 28 Serviced Resource Requests

  29. How you implement this: Resource existing incoming manager requests s/w slots 29

  30. Conclusions: • It works. • It converges fairly quickly (1-3 sec in our tests). • It’s lightweight: – Small amount of code (~100 lines of C) – Low computational and memory overhead • |Q| subtracts are primary computational load; runs in µ sec • 128 bytes per controller for state information – Advantages of RED, without RED’s disadvantages • It’s broadly applicable (any system that can be modeled by a G/G/1 queue) • And it has been already been deployed in practice… 30

  31. Commercialization… • Patent filing (6/26/2004) • Secure64 Wildfire/CE 2 (12/1/2004) • And then shot down. JGG’s thesis proposal was circulated to other students by a committee member, which constituted “prior disclosure” and kills a patent. (You have one year from the first disclosure to file it.) Moral: be careful with your ideas if you’re thinking of patenting them — keep dated, initialed notebooks, don’t share ideas until you’re ready to patent, etc. www.cs.colorado.edu/~lizb/papers/dos.html 31

  32. On the stove: Nonlinear dynamics Nonlinear dynamics • Modeling & control of internet attacks • Nonlinear time-series analysis of computer systems • MEMS-based flow control in jets • Recurrence plots • Computational topology & topology-based filters Artificial intelligence Artificial intelligence • Nonlinear system identification • Radioisotope dating • Movement patterns • Clear-air turbulence forecasting www.cs.colorado.edu/~lizb 32

  33. Collaborators • graduate students: Jenny Abernethy, Matt Easley, James Garnett, John Giardino, Kenny Gruchalla, Joe Iwanski, Zhichun Ma, Ricardo Mantilla, Todd Mytkowicz, Laura Rassbach, Vanessa Robins, Natalie Ross, Reinhard Stolle • postdocs: Tom Peacock (now at MIT) • undergrads: Ellenor Brown, Nate Farrell, Jesse Negretti, John Nord, Alex Renger, Roscoe Schenk, Stephen Schroeder, Evan Sheehan, Josh Stuart (now at UCSC) • faculty: — Jessica Hodgins, Computer Science, CMU — David Capps, Theater & Dance, Hunter College — Jean Hertzberg & YC Lee, Mechanical Engineering, CU — Amer Diwan, Computer Science, CU 33

Recommend

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to penetrate a network by using wireless or evading WLAN access control measures, like AP MAC filters and 802.1X port access controls. Type of Attack

185 views • 7 slides
Network/Internet Threats/Attacks 1 Internet Structure backbone ISP local network Internet

Network/Internet Threats/Attacks 1 Internet Structure backbone ISP local network Internet

Lecture 17 CS 134 Spring 2019 Network/Internet Threats/Attacks 1 Internet Structure backbone ISP local network Internet service Autonomous system (AS) is a provider (ISP) local network collection of IP networks under control of a

646 views • 25 slides
Congestion Control In The Congestion Control In The Internet Internet JY Le Boudec Fall 2009

Congestion Control In The Congestion Control In The Internet Internet JY Le Boudec Fall 2009

Congestion Control In The Congestion Control In The Internet Internet JY Le Boudec Fall 2009 1 Plan of This Module Plan of This Module 1. Congestion control: theory 2. Application to the Internet 2 Theory of Congestion Control Theory of

1.65k views • 76 slides
Generic Attacks on Stream Ciphers John Mattsson Generic Attacks on Stream Ciphers 2/22

Generic Attacks on Stream Ciphers John Mattsson Generic Attacks on Stream Ciphers 2/22

Generic Attacks on Stream Ciphers John Mattsson Generic Attacks on Stream Ciphers 2/22 Overview What is a stream cipher? Classification of attacks Different Attacks Exhaustive Key Search Time Memory Tradeoffs

659 views • 22 slides
Overview Network and Server Goal of Security Control Attacks and Penetration Phases of

Overview Network and Server Goal of Security Control Attacks and Penetration Phases of

Overview Network and Server Goal of Security Control Attacks and Penetration Phases of Control Methods of Taking Control Common Points of Attack Multifront Attacks Chapter 12 Auditing to Recognize Attacks Malicious

536 views • 7 slides
Web Dynamics Part 1 Introduction 1.1 Dimensions of dynamics in the Web 1.2 Application examples

Web Dynamics Part 1 Introduction 1.1 Dimensions of dynamics in the Web 1.2 Application examples

Web Dynamics Part 1 Introduction 1.1 Dimensions of dynamics in the Web 1.2 Application examples Summer Term 2009 Web Dynamics 1 1 Why Web Dynamics? From Wikipedia: In physics the term dynamics customarily refers to the time evolution of

608 views • 35 slides
Web Dynamics Part 1 - Introduction 1.1 Dimensions of dynamics in the Web 1.2 Application

Web Dynamics Part 1 - Introduction 1.1 Dimensions of dynamics in the Web 1.2 Application

Web Dynamics Part 1 - Introduction 1.1 Dimensions of dynamics in the Web 1.2 Application examples Summer Term 2010 Web Dynamics 1-1 Why Web Dynamics? From Wikipedia: In physics the term dynamics customarily refers to the time evolution of

440 views • 42 slides
Industrial Robots Industrial Robots Control Control Part 1 Control Control Part 1 Part 1

Industrial Robots Industrial Robots Control Control Part 1 Control Control Part 1 Part 1

Industrial Robots Industrial Robots Control Control Part 1 Control Control Part 1 Part 1 Part 1 Introduction to robot control The motion control problem motion control problem consists in the design of control algorithms for the robot

826 views • 46 slides
1 IP datagram IP datagram format format 20 bytes 20 bytes header header (minimum)

1 IP datagram IP datagram format format 20 bytes 20 bytes header header (minimum)

Lecture 11. Lecture 11. The Internet Layer The Internet Layer IP (Internet Protocol) IP (Internet Protocol) & & ICMP (Internet Control Message Protocol) ICMP (Internet Control Message Protocol) Giuseppe Bianchi Internet Protocol

341 views • 18 slides
Internet congestion control: TCP Internet congestion control: TCP 1988: "Congestion

Internet congestion control: TCP Internet congestion control: TCP 1988: "Congestion

Internet congestion control: TCP Internet congestion control: TCP 1988: "Congestion Avoidance and Control" (Jacobson/Karels) Combined congestion/flow control for TCP Goal: stability - in equilibrum, no packet is sent into the

484 views • 24 slides
A PCC-Vivace Kernel Module PRESENTED BY TOMER GILAD Internet Congestion Control Senders

A PCC-Vivace Kernel Module PRESENTED BY TOMER GILAD Internet Congestion Control Senders

A PCC-Vivace Kernel Module PRESENTED BY TOMER GILAD Internet Congestion Control Senders Receivers Data The Internet Acks Internet Congestion Control Senders Receivers Data The Internet Acks Choose when to send Internet Congestion

712 views • 40 slides
CS 457 Networking and the Internet Fall 2016 The Global Internet (Then) The tree structure of

CS 457 Networking and the Internet Fall 2016 The Global Internet (Then) The tree structure of

10/4/16 CS 457 Networking and the Internet Fall 2016 The Global Internet (Then) The tree structure of the Internet in 1990 The Global Internet (And Now) A simple multi-provider Internet 1 10/4/16 The Global Internet Some large

310 views • 12 slides
INTERNET FOR A MOBILE INTERNET FOR A MOBILE GENERATION GENERATION www.itu.int/mobileinternet

INTERNET FOR A MOBILE INTERNET FOR A MOBILE GENERATION GENERATION www.itu.int/mobileinternet

ITU Internet Report 2002 INTERNET FOR A MOBILE INTERNET FOR A MOBILE GENERATION GENERATION www.itu.int/mobileinternet ITU Internet Report 2002: Internet for a Mobile Generation Mobile and Internet: Identical twins born two years apart?

448 views • 17 slides
History of the Internet Pat Morin COMP 2405 Outline Origins of the Internet Internet

History of the Internet Pat Morin COMP 2405 Outline Origins of the Internet Internet

History of the Internet Pat Morin COMP 2405 Outline Origins of the Internet Internet timeline from 1970s until today The Internet today 2 Origins of the Internet J.C.R. Licklider of MIT in August 1962 wrote about the

567 views • 13 slides
IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites IOC: Internet

IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites IOC: Internet

IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites Robert Bjekovic, University of applied sciences Ravensburg Weingarten, Weingarten, Germany Michael Elwert, University of applied

356 views • 32 slides
Control Flow Integrity Lujo Bauer 18-732 Spring 2015 Control Hijacking Arms Race Control

Control Flow Integrity Lujo Bauer 18-732 Spring 2015 Control Hijacking Arms Race Control

Control Flow Integrity Lujo Bauer 18-732 Spring 2015 Control Hijacking Arms Race Control Control Flow Flow Integrity Integrity Attacks Attacks 2 http://propercourse.blogspot.com/2010/05/i-believe-in-duct-tape.html CFI: Goal Provably

748 views • 41 slides
HTS ACTIVITIES AT CEA-PARIS SACLAY Helene Felice for the Superconducting Magnet Lab at CEA

HTS ACTIVITIES AT CEA-PARIS SACLAY Helene Felice for the Superconducting Magnet Lab at CEA

OVERVIEW OF LTS AND HTS ACTIVITIES AT CEA-PARIS SACLAY Helene Felice for the Superconducting Magnet Lab at CEA Special thanks to: M. Durante, P. Fazilleau, C. Lorin, T. Lecrevisse, A. Madur, D. Simon, E. Rochepault 1 4 MATERIALS NbTi Nb 3 Sn

229 views • 22 slides
Algebra II Exponential Growth and Decay 2015-11-19 www.njctl.org Slide 3 / 128 Table of

Algebra II Exponential Growth and Decay 2015-11-19 www.njctl.org Slide 3 / 128 Table of

Slide 1 / 128 Slide 2 / 128 Algebra II Exponential Growth and Decay 2015-11-19 www.njctl.org Slide 3 / 128 Table of Contents Click on topic to go to that section. Simple Annual Interest Compound Interest The Constant, e Population

1.13k views • 66 slides
Heavy isotopes cosmic ray spectrometer (HICRS) for the NUCLEON-2 mission D. Karmanov, I. Kovalev,

Heavy isotopes cosmic ray spectrometer (HICRS) for the NUCLEON-2 mission D. Karmanov, I. Kovalev,

Heavy isotopes cosmic ray spectrometer (HICRS) for the NUCLEON-2 mission D. Karmanov, I. Kovalev, A. Kurganov, M. Panasyuk, A. Panov, D. Podorozhny, G. Sedov, L. Tkatchev, A. Turundaevskiy Skobeltsyn Institute of Nuclear Physics, Moscow State

378 views • 23 slides
NASA Planetary Protection Independent Review Board (PPIRB) Summary Briefing Alan Stern PPIRB

NASA Planetary Protection Independent Review Board (PPIRB) Summary Briefing Alan Stern PPIRB

NASA Planetary Protection Independent Review Board (PPIRB) Summary Briefing Alan Stern PPIRB Chair PPIRB Background PPIRB Term: July-September 2019 PPIRB Membership: Planetary scientists, biologists, private and civil sector space

108 views • 7 slides
earth nucleus 154 Dy G. L. Zimba 1,2 , S. P Bvumbi 1 , L. P. Masiteng 1 , P. Jones 2 , S. N. T.

earth nucleus 154 Dy G. L. Zimba 1,2 , S. P Bvumbi 1 , L. P. Masiteng 1 , P. Jones 2 , S. N. T.

First observation of E1 transitions from the octupole band to the excited 0 + 2 pairing isomer band in the rare earth nucleus 154 Dy G. L. Zimba 1,2 , S. P Bvumbi 1 , L. P. Masiteng 1 , P. Jones 2 , S. N. T. Majola 2,3 , T. S. Dinoko 2,4 , J. F.

523 views • 20 slides
Current and Future balloon and space experiments L. Derome (LPSC Grenoble) Tango, May 4-6th,

Current and Future balloon and space experiments L. Derome (LPSC Grenoble) Tango, May 4-6th,

Current and Future balloon and space experiments L. Derome (LPSC Grenoble) Tango, May 4-6th, 2009 L. Derome, Tango, May 4-6th 2009 1 Plan I will focus on: Future experiments which are going to measure e + and e - CR in the forthcoming

478 views • 20 slides
Radiological Protection System Radiological Protection Collection and Collection and

Radiological Protection System Radiological Protection Collection and Collection and

Principles of Radiological Protection System Radiological Protection Collection and Collection and Establishment of Establishment of Nuclear power and Nuclear power and evaluation of evaluation of radiation safety radiation safety

128 views • 11 slides
Radiology PACS Department of Radiology and Biomedical Imaging UCSF Outline PACS Impact

Radiology PACS Department of Radiology and Biomedical Imaging UCSF Outline PACS Impact

Radiology PACS Department of Radiology and Biomedical Imaging UCSF Outline PACS Impact PACS Workflow PACS Infrastructure Collaborations Implementation Challenges PACS Impact Distribution of medical

723 views • 19 slides

More recommend

Explore More Topics

Stay informed with curated content and fresh updates.

animals pets art culture automotive transportation business finance computer internet construction architecture education-career electronics communication

Logo Sambuz

Unleash a World of Digital Possibilities—Browse, Share, and Explore Content Without Boundaries

Useful Links

About Us Privacy Services FAQ's Contact

Newsletter

Stay Informed & Inspired—Subscribe for the Latest Updates, Tips, and Exclusive Content Directly to Your Inbox.

Mail Us

mail@sambuz.com

2026 SAMBUZ, All right reserved.