1 / 54

Attacking wireless InternetHannu H. Kari

original page deleted, found still from Internet archive: ... Internet attacks, such as DDoS (Distributed Denial of Service) attacks, could have ...

erika
Download Presentation

Attacking wireless InternetHannu H. Kari

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


    Slide 1:Attacking (wireless) Internet Hannu H. Kari

    Slide 2: ... a short flashback ...

    Slide 3:Yksityisyys langattomissa verkoissa Hannu H. KARI 07.01.2003 virkaanastujaisesitelmä

    Slide 4:Yksityisyys nykyaikana?

    Slide 5:Yksilö ja yksityisyys

    Slide 6:Yksityisyys ja sähkömagneettinen aura

    Slide 7:Esimerkki: Ketkä ovat kavereita?

    Slide 8:Esimerkki: Ketkä ovat kavereita?

    Slide 9:Yksityisyyden viisi/kuusi luokkaa Informaatio (data privacy) Kohde/lähde (identity privacy) Tapahtumapaika (location privacy) Tapahtuma-aika (time privacy) Olemassaolo (privacy of existence) + Tapahtuma (transaction)

    Slide 10:Yksilö vs. yhteiskunta

    Slide 11: And now back to our original program ...

    Slide 12: History

    Slide 13:Technology enhancements

    Slide 14:Technology enhancements

    Slide 15:Technology enhancements The same thing has happened in Internet in 10…15 years!

    Slide 16: Need for privacy?

    Slide 17:Analogy for identification: Pets (news.wisc.edu)

    Slide 18:Human identification today

    Slide 19:Human identification some 60 years ago ... and ... today

    Slide 20:Need for privacy

    Slide 21:Need for privacy

    Slide 22:Need for privacy

    Slide 23:Need for privacy

    Slide 24:Need for privacy

    Slide 25:Need for privacy

    Slide 26:Need for privacy

    Slide 27:Wireless network eavesdropping

    Slide 28:Privacy Definition of Privacy Privacy is the claim of individuals, groups, and institutions to determine for themselves, when, how, and to what extent information about them is communicated to others. Alan Westin 1967

    Slide 29: Threats

    Slide 30:Holmlund: Verkkohyökkäys voi uhata rahaliikennettä {10.11.2008: MPK 187:n avajaiset} YETTS: yhteiskunnan elintärkeät toiminnot tulee turvata kaikissa tilanteissa Myyrmanni, Jokela & Kauhajoki: * syrjäytyminen sisäisen turvallisuutemme suurin uhka * monia ei-toivottuja kehitystrendejä Tarkoituksellisin verkkohyökkäyksin saatetaan heikentää valtion päätöksentekojärjestelmien tai esimerkiksi rahaliikenteen toimivuutta Ikävät tapahtumat tulevat eteemme aina jossain määrin yllätyksenä* varautumisesta ja riskianalyyseista huolimatta. Asymmetrinen maailma, asymmetriset arvot ja motiivit Kaikki uhkat eivät välttämättä tule ulkoa

    Slide 31:Main threats of Internet 1. We loose our confidence 2. Internet does not work 3. We loose data/money with Internet

    Slide 32: Scenario ”3/2011”

    Slide 33:Scenario “3/2011” Election in a small EU country a country famous on ICT usage, including electronic voting During the election days, a massive DDoS attack is launched against the election system Electronic voting system is unavailable for several hours As a back up alternative, people will use ”traditional paper voting system” No harm done????

    Slide 34:Scenario “3/2011” Report for the Council of Europe: Internet voting in the March 2007 Parliamentary Elections in Estonia Internet attacks, such as DDoS (Distributed Denial of Service) attacks, could have hampered the ability to run the e-voting application. An extension of the e-voting period could potentially make it more difficult to launch such attacks. ... But will anyone really seriously think electronic voting as a viable alternative for paper voting after this??? NO! We have lost the game permanently

    Slide 35: Design flaws of Internet

    Slide 36:Security problems in Internet, samples

    Slide 37:Security problems in Internet, samples

    Slide 38:Who and Why? WHY Motivations: Social behavior Vandalism Money Ideology Military strategic interests

    Slide 39:Internet design criterion Primary goals Multiplexing of channel Various network archtectures Administrative boundaries Packet switching Gateways (routers) between networks Secondary goals Robustness (loss of routers and links) Multiple services (reliable or realtime data) Usage of various networks Distributed management Cost efficient implementation Simple attachement to network Resource usage monitoring

    Slide 40:Implicit Internet design criterion Silent assumptions Benevolence Openness Low level of dynamicity No mobility Limited computation capacity High cost of crypto algorithms Limited bandwidth

    Slide 41:Internet design flaws Original design principles: The enemy is out there! ”Everybody can send anything to anybody” Security measures are introduced afterwards The new design principles: The enemy is among us! We must be prepared to pay for security/reliability in form of computation power, bandwidth, energy, etc. Strong security as the fundamental building block Legal sanctions against malevolent entities Every packet must have an owner!

    Slide 42: Security domains

    Slide 43:Four security domains

    Slide 44:Four security domains

    Slide 45: Securing network infrastructure

    Slide 46:Traditional Internet usage

    Slide 47:Short term solution:Secured Infrastructure Router (SIR)

    Slide 48:Secured Infrastructure Router (SIR)

    Slide 49:Alternative SIR operation

    Slide 50: Conclusions

    Slide 51:Conclusions Privacy in Internet is vital Especially in wireless environment in all 5/6 categories Risks with Internet are imminent ...due to original design flaws of Internet Architecture with several levels of security Plan-B: ”What shall we do, when our network doesn’t work?” What is the minimum level of service? How to handle ”Internet brand”

    Slide 53:Good/Bad things of Internet Google.cn: ”tiananmen square” – 12 first image hits

    Slide 54:Good/Bad things of Internet Google.com: ”tiananmen square” – 12 first image hits

More Related