
Dynamic Network Emulation

Dynamic Network Emulation. Security Analysis for Application Layer Protocols. The Problem. There are many network simulation and network analysis tools designed to look at issues in Layer 2 and Layer 3 protocols.

selene

Presentation Transcript


  1. Dynamic Network Emulation Security Analysis for Application Layer Protocols

  2. The Problem
     There are many network simulation and network analysis tools designed to look at issues in Layer 2 and Layer 3 protocols …
     … but as the use of overlay networks grows, large amounts of network activity occur at the application layer.

  3. The Problem
     Overlay network security can depend significantly on network topology and routing.
     • In onion-routing style anonymity networks, an adversary who can observe both sides of the anonymous path can break anonymity.
     • An adversary can position themselves to observe Skype calls routed through super nodes.
     … but we don’t have a good way to analyze the feasibility and effectiveness of these attacks.

  4. The Problem: Extended
     In onion-routing style anonymity networks, an adversary who can observe both sides of the anonymous path can break anonymity.
     [Diagram labels: Bad ISP, Good ISP, Okay ISP]

  5. The Problem: Extended
     In onion-routing style anonymity networks, an adversary who can observe both sides of the anonymous path can break anonymity.
     • What if they can do it for N host-pairs?
     • What if the adversary can force a change in routing between two hosts?
     • Do some routing protocols exacerbate this issue?

  6. How can we answer these questions?
     • Ideally, the same way we do with other things
     • Unfortunately, these are real applications, running in the real world, and we want to know how that world affects them
     [Diagram labels: Hypothesize, Test, Explain]

  7. How can we answer these questions?
     • We can observe real-world data, but we have:
       ... limited vantage points
       ... little ability to test hypotheses
       ... no way to change the environment
     What we need is an application layer network modeling environment.

  8. Modeling Environments Exist
     • Network Testbeds: clusters of isolated machines that can be reserved and configured into network topologies
     • Network Simulators: tools that simulate network applications at varying levels of fidelity
     • Network Emulators: tools that create a fake network on which real-world applications can be run without modification
     Each of these has downsides.

  9. Modeling Environments Exist
     • Network testbeds can suffer from contention and scalability
     • Network simulators use an abstraction for the application; security often depends on corner cases
     • Network emulators often prevent network manipulation once configured and operating
     … but it’s not all bad

  10. Modeling Environments Exist
     • Network emulators have significant benefits
       • They run actual application binaries
       • They require drastically less hardware
     • Unfortunately, many existing emulators use static routing and do not allow live network manipulation

  11. Project Proposal

  12. Proposal: GUFiNE
     “GU Flexible Network Emulation”
     • Application instances connected in arbitrary network topologies
     • Contained within an emulation host
     • Or a collection of emulation hosts
     [Diagram labels: Host, Emulator, Host, Emulator]

  13. Proposal: GUFiNE
     • Path characteristics (delay, bandwidth) and routing can be updated on the fly
     • Packets are delayed and re-injected (without ever leaving the host)
     • Path information is stored in the routing engine and used for traffic shaping and routing
     [Diagram labels: Emulation Host; Application Level; Network Applications; Net Emulator Control Interface; Linux; Network Emulator; Network Stack; Net Emulator Routing Engine]

  14. Proposal: GUFiNE
     • GUFiNE transparently creates a network topology for applications running on the host
     • Applications simply bind to an IP address alias
     • The control plane allows routing and network link characteristics to be modified on the fly

  15. Proposal: GUFiNE
     • Allows exploring questions under changing network conditions.
       • What advantage does an adversary receive if they can shift the routing between two hosts when trying to break anonymity in an onion routing network?
       • What if they can do it for N host-pairs?
     • Can explore these questions with real application binaries

  16. Proposal Requirements
     Part 1
     Part 2
     Research proposal; costs are estimated; success is not guaranteed

  17. Questions
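
The questions on slides 5 and 15 (how many circuits have both sides visible to one observer, and how that changes when a route shifts) can be stated as a small graph model. This is an added example, not GUFiNE code or anything from the presentation: the topology, link costs, host names and shortest-path routing are all constructed assumptions, and it is exactly the kind of abstraction slide 9 says an emulator with real binaries should replace.

```python
import heapq

def shortest_path(links, src, dst):
    """Dijkstra over an undirected link table {(a, b): cost}; [] if unreachable."""
    adj = {}
    for (a, b), cost in links.items():
        adj.setdefault(a, []).append((b, cost))
        adj.setdefault(b, []).append((a, cost))
    best, prev, heap = {src: 0}, {}, [(0, src)]
    while heap:
        dist, node = heapq.heappop(heap)
        if node == dst:
            break
        if dist > best[node]:
            continue  # stale heap entry
        for nxt, cost in adj.get(node, []):
            if dist + cost < best.get(nxt, float("inf")):
                best[nxt], prev[nxt] = dist + cost, node
                heapq.heappush(heap, (dist + cost, nxt))
    if dst not in best:
        return []
    path = [dst]
    while path[-1] != src:
        path.append(prev[path[-1]])
    return path[::-1]

def exposed(links, circuits, observer):
    """Circuits whose client->entry AND exit->server paths both cross the observer."""
    return [c for c in circuits
            if observer in shortest_path(links, c[0], c[1])
            and observer in shortest_path(links, c[2], c[3])]

# Constructed topology: three ISPs ("good", "okay", "bad") between hosts and relays.
BASELINE = {
    ("alice", "good"): 1, ("good", "entry"): 1,   # alice's preferred route
    ("alice", "bad"): 2,  ("bad", "entry"): 2,    # alice's backup route
    ("bob", "okay"): 1,   ("okay", "entry"): 1,
    ("bob", "bad"): 2,
    ("exit", "bad"): 1,   ("bad", "server"): 1,   # exit side already crosses "bad"
    ("exit", "okay"): 2,  ("okay", "server"): 2,
}
# Routing shift: the alice<->good link becomes expensive, so her traffic moves.
SHIFTED = {**BASELINE, ("alice", "good"): 10}
# Each circuit is (client, entry relay, exit relay, server).
CIRCUITS = [("alice", "entry", "exit", "server"), ("bob", "entry", "exit", "server")]

if __name__ == "__main__":
    for name, links in (("baseline", BASELINE), ("shifted", SHIFTED)):
        hit = exposed(links, CIRCUITS, "bad")
        print(f"{name}: {len(hit)}/{len(CIRCUITS)} circuits seen on both sides: {hit}")
```

In the baseline the observer sees only the exit side of every circuit; after one link cost changes, alice's circuit is visible on both sides while bob's is not.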
