Computer Networks & Security 2014/2015

(1)

Security and Embedded Networked Systems

Computer Networks & Security

2014/2015

Introduction (01)

Dr. Tanir Ozcelebi

Dr. Jerry den Hartog

(2)

• An interconnected configuration of

system components

• designed to communicate and share

• A connected system of things or people

– 

e.g. a network of gossip or spies

(3)

What is a computer network?

An “infrastructure” interconnecting “end-devices”

• End-devices

– 

PC’s, game consoles, smart TV’s, smart phones…

– 

Network Interface Cards (NIC) and OS are included

• Infrastructure

– 

Communication links (e.g. fiber cable, radio)

– 

Packet switches (e.g. routers, link layer switches)

A facility providing information exchange between applications that

are not sharing memory.

Physically:

(4)

• A public network of computer networks

– 

millions of end-devices, networks…

• A network infrastructure that provides

services to (globally) distributed

applications

– 

e.g. e-mail, world-wide web (www),

instant messaging, online games, VoIP,

smart TV apps, smart home apps etc.

Physically:

Logically:

What is the Internet?

Home network

Institutional network

Mobile network

Global ISP

(5)

> 1 billion hosts (pc’s, smart phones, tablets etc)

as of Jan 2015!!!

(only 500 hosts in 1983)

Metcalfe’s Law (Ethernet co-inventor):

The value, usefulness, or utility of a network

equals the square of the number of users

(or connected devices).

(6)

CISCO report on

the Internet of Things (IoT)

(7)

Network structure

• network edge

• access networks

(8)

Network edge

End systems (hosts):

• run applications at “edge of network”

• e.g. worldwide web, email

client/server model

client host requests, receives service

from always-on server, e.g. Web

browser/server; e-mail client/server

peer-to-peer model:

minimal (or no) use of dedicated

servers, e.g. Skype, BitTorrent

(9)

Access networks

An access network connects

end devices to a router.

(10)

Network core

• Interconnected routers

•  Fundamental question:

How is data transferred

from edge to edge?

(11)

Circuit switching

Provides:

• dedicated circuit per call/session

• resources dedicated for the call (no sharing)

• e.g. link bandwidth, switch capacity

• circuit-like (guaranteed) performance

• call setup needed

• resources not used by call are

idle

How to create such circuits?

(12)

Circuit switching examples: FDM

and TDM

FDM: Frequency Division Multiplexing

fre

qu

en

cy

time

TDM: Time Division Multiplexing

(13)

Packet switching

Each end-to-end data stream divided into packets

• packets share network resources

• each packet uses full link bandwidth

• prevents idle time

• resources used as needed (no reservations)

Result: Resource contention

• bandwidth demand can exceed amount

available (congestion): too many packets

• store and forward behavior: packets move

one hop at a time

–

 

Node receives complete packet before forwarding

Bandwidth division into “pieces”

Dedicated allocation

(14)

Packet switching:

Statistical multiplexing

Sequence of A & B packets does not have a fixed pattern, bandwidth shared on

demand

➨

statistical multiplexing

.

A

B

C

100 Mb/s

Ethernet

1.5 Mb/s

D

_E

statistical multiplexing

queue of packets

waiting for output

(15)

Packet switching:

Store-and-forward

• takes L/R seconds to transmit

(push out) packet of L bits on

to link at R bps

•   store and forward:

entire

packet must arrive at router

before it can be transmitted

on next link

• delay = 3L/R (assuming zero

propagation delay)

Example:

• L = 7.5 Mbits

• R = 1.5 Mbps

• transmission delay = 15 sec

R

L

(16)

Packet switching vs.

circuit switching

Example:

• 1 Mb/s link

• Each user:

– 

100 kb/s when “active”

– 

active 10% of time

HOW MANY

users

can be supported?

Packet switching allows more users to use the network!

N users

(17)

Packet switching vs.

circuit switching

Packet switching allows more users to use the network!

N users

1 Mbps link

Exercise: How did we get value 0.0004?

Example:

• 1 Mb/s link

• Each user:

– 

100 kb/s when “active”

– 

active 10% of time

– 

circuit-switching:

10 users

– 

packet switching:

(18)

Internet structure:

Network of networks

• roughly hierarchical

• at center: “tier-1” ISPs

(e.g., Verizon, Sprint, AT&T), national/

international coverage

–

 

treat each other as equals

(19)

Internet structure:

Network of networks

• “Tier-2” ISPs: smaller (often regional) ISPs

– 

Connect to one or more tier-1 ISPs, possibly other tier-2 ISPs

Tier 1 ISP

Tier-2 ISP

Tier-2 ISP pays tier-1 ISP for

(20)

Internet structure:

Network of networks

• “Tier-3” ISPs and local ISPs

– 

last hop (“access”) network (closest to end systems)

Tier 1 ISP

Tier-2 ISP

local

ISP

local

ISP

local

ISP

local

ISP

Tier 3

ISP

local

ISP

Local and tier- 3 ISPs are

(21)

Internet structure:

Network of networks

A packet passes through many networks!

Tier 1 ISP

Tier-2 ISP

local

ISP

local

ISP

local

ISP

local

ISP

Tier 3

ISP

(22)

Networks under attack:

A day’s worth of security news

(14/4/15 – www.security.nl)

• Meeste Brabanders geven geen toestemming voor inzage EPD

• Directeur Tor Project vertrekt naar internetbedrijf

• Europese campagne om netneutraliteit te beschermen

• VS waarschuwt voor verkeerd geconfigureerde DNS-servers

• Franse tv-zender TV5 gehackt via besmette e-mails

• Onderzoek: 23% gebruikers opent phishingmails

• RTF meest gebruikte bestandstype bij gerichte aanvallen

• Zero day-lek in Adobe Flash Player gepatcht

• Criminelen stelen bijna 1 miljoen dollar via Android-malware

• Malafide Hugo Boss-advertentie verspreidt ransomware

• Overheden kunnen broncode Microsoft in Brussel testen

• Microsoft schakelt SSL 3.0 in Internet Explorer 11 uit

• Microsoft waarschuwt voor einde SQL Server 2005

• Windows Server 2003 populair bij Nederlandse bedrijven

• Paspoortscanners op vliegveld Brussel zouden defect zijn

(23)

EH

R

Security on the network

Goals, threats & countermeasures

Privacy

Availability

Integrity

(24)

Most common attributes: C-I-A

• Confidentiality

• Keep your secret data / message / ... hidden

from those who are not supposed to see it.

• Integrity

• Your data / message / ... has not been altered

by those who are not supposed to change it.

• Availability

• Your data / messages / resources can be used

by those who are supposed to use (read/change/...) it.

(25)

(26)

Security in context

Policies , Models & Attackers

• Security policy; what the system should achieve

• what is allowed in which context, (+ how to enforce, etc.)

• level of abstraction varies; `need to know’ vs `drwxr-xr-x’

• security model in which to express & interpret policies;

−

 

for example relations on Users - Objects - Permissions - Groups.

• Attacker Model

• Attacker capabilities & goals; these impact security

−

 

https connection is `secure’ if attacker is eavesdropper, not if

(27)

A chain is as strong as its weakest link

Need to address Security

• for whole system & context

• from the start; adding on later does not work

Looking at single aspect is looking at single link

• system design (no HTTPS support for website)

• implementation (Heartbleed bug in OpenSSL)

• strength of mechanism (old SSL instead of TLS)

• system usage (user does not check for HTTPS)

(28)

Implementation flaws

Basic idea buffer overflow

call routine CheckPin

routine CheckPin

{ char pin[ 4 ];

pin <= userInput;

User enters: 1234<AddressY>

...

return;

}

Put return address on stack:

<addressX>

(return address)

Local variables on stack:

? ? ? ?

(four empty bytes)

<addressX>

(return address)

User input copied to stack

1 2 3 4

(user entry)

<addressY>

(return address)

Remove local vars, return to:

(29)

(30)

Security Engineering & Trade-offs

Techniques to address specific threats

• cryptography, authentication, access control, etc.

• each imposes trade-offs;

• availability vs confidentiality, integrity vs cost, etc.

• no `absolute security’ but: find right trade-offs

Combine into comprehensive security architecture:

• identify requirements, risks & threats,

(31)

Requirements Elicitation

(32)

Conclusions

• Computer networks (also the Internet) are well-structured.

• network edge, access networks, network core

−

 

The Internet adds sub-structure to this: ISP hierarchy

• Security is not an `add-on’ feature

• Needs to be taken into account from the start

• Requires looking at the `complete picture’

• Consider whole system & context not just isolated parts

• Try to place treated security techniques in context

• What is their role in a security architecture

• What goals can they achieve