1 / 10

Attack, Detection and Countermeasures: A demo on Satellite Networks Security

Attack, Detection and Countermeasures: A demo on Satellite Networks Security. Dr. Cesare Roseti, Ing. F. Belli and Prof. M. Luglio CRESM- research unit of University of Rome “ Tor Vergata”. Reference scenario. Star-based architecture DAMA to access return link CRA RBDC VBDC .

wilbur
Download Presentation

Attack, Detection and Countermeasures: A demo on Satellite Networks Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Attack, Detection and Countermeasures: A demo on Satellite Networks Security Dr. Cesare Roseti, Ing. F. Belli and Prof. M. Luglio CRESM- researchunitofUniversityofRome “Tor Vergata”

  2. Reference scenario • Star-basedarchitecture • DAMA toaccessreturn link • CRA • RBDC • VBDC • Userterminalsrun TCP/IP applications • Mostofappsrequiresreliability • TCP Connectionstowards remote servers Workshop on "Data Security in Satellite Applications and INTERSECTION project"

  3. TCP over DVB-RCS: issues • TCP transmissionisACK-clocked • The higheris RTT the sloweristhrougputincrease • Start up sendingvery slow • Underutilizationof the availableresources • DAMA algorithmsmay introduce variablecontributionsto the overall RTT • Further slow down of the bwprobing • Misleadingsignalsof network concestion A performance overview Throughputtrends TCP transmissionscheduling Workshop on "Data Security in Satellite Applications and INTERSECTION project"

  4. TCP Acceleration Workshop on "Data Security in Satellite Applications and INTERSECTION project"

  5. PEP vulnerability Connection OK Connection OK Transfer completed Connection Timeout SYN ACK SYN-ACK • PEPs terminate conns, graball TCP packets (in plain text) and re-routethem in newconnections • TCP PEP are notcompatiblewithIPsec Lostofconfidentialityon PEP • Maliciouslychangingroutingrules, TCP packet can bedroppedafter ACK transmission  Lostofreliabilityof TCP! Workshop on "Data Security in Satellite Applications and INTERSECTION project"

  6. Intrusion Detection System 1. Monitor SYN and FIN record 2. Monitor bytesover TCP conns 2. Monitor bytesover TCP conns 7. Disable PEP 7. Disable PEP 8. Fixproblem and enable PEP 8. Fixproblem and enable PEP 6. RunRemediation 5. RunAlarm 4. Combine data fromprobes <#SYN,byte1,byte2> 3. Collect Data fromprobes Workshop on "Data Security in Satellite Applications and INTERSECTION project"

  7. IDS goal • Riskreduction!!!! • Riskdefinition (Re): source-unawaretrafficdropping • P(e): Likelihoodof the event • V(e): PEP adoption • D(e): Lostof data/Denialof Service Reductionofthesefactors Workshop on "Data Security in Satellite Applications and INTERSECTION project"

  8. DEMO presentation • DEMO through a Satellite Network EmulatorPlatform • Reproductionof a DVB-RCS-like network • DAMA overreturn link; NCC functionalities • TCP client connectedto Satellite terminal • TCP server beyond Satellite Gateway Earlyremediation Start FTP upload Manualattack detection Start attack Time Ordinaryoperations Attack Detection Remed. TCP Client TCP Client TCP Client PEP GEO MaliciousUser GEO PEP PacketDropping TCP Server TCP Server Workshop on "Data Security in Satellite Applications and INTERSECTION project"

  9. Movetoemulator…. Workshop on "Data Security in Satellite Applications and INTERSECTION project"

  10. Resultanalysis Workshop on "Data Security in Satellite Applications and INTERSECTION project"

More Related