attack detection and countermeasures a demo on satellite networks security n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Attack, Detection and Countermeasures: A demo on Satellite Networks Security PowerPoint Presentation
Download Presentation
Attack, Detection and Countermeasures: A demo on Satellite Networks Security

Loading in 2 Seconds...

play fullscreen
1 / 10

Attack, Detection and Countermeasures: A demo on Satellite Networks Security - PowerPoint PPT Presentation


  • 43 Views
  • Uploaded on

Attack, Detection and Countermeasures: A demo on Satellite Networks Security. Dr. Cesare Roseti, Ing. F. Belli and Prof. M. Luglio CRESM- research unit of University of Rome “ Tor Vergata”. Reference scenario. Star-based architecture DAMA to access return link CRA RBDC VBDC .

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Attack, Detection and Countermeasures: A demo on Satellite Networks Security' - wilbur


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
attack detection and countermeasures a demo on satellite networks security

Attack, Detection and Countermeasures: A demo on Satellite Networks Security

Dr. Cesare Roseti, Ing. F. Belli and Prof. M. Luglio

CRESM- researchunitofUniversityofRome “Tor Vergata”

reference scenario
Reference scenario
  • Star-basedarchitecture
  • DAMA toaccessreturn link
    • CRA
    • RBDC
    • VBDC
  • Userterminalsrun TCP/IP applications
  • Mostofappsrequiresreliability
    • TCP Connectionstowards remote servers

Workshop on "Data Security in Satellite Applications and INTERSECTION project"

tcp over dvb rcs issues
TCP over DVB-RCS: issues
  • TCP transmissionisACK-clocked
    • The higheris RTT the sloweristhrougputincrease
    • Start up sendingvery slow
    • Underutilizationof the availableresources
  • DAMA algorithmsmay introduce variablecontributionsto the overall RTT
    • Further slow down of the bwprobing
    • Misleadingsignalsof network concestion

A performance overview

Throughputtrends

TCP transmissionscheduling

Workshop on "Data Security in Satellite Applications and INTERSECTION project"

tcp acceleration
TCP Acceleration

Workshop on "Data Security in Satellite Applications and INTERSECTION project"

pep vulnerability
PEP vulnerability

Connection OK

Connection OK

Transfer completed

Connection Timeout

SYN

ACK

SYN-ACK

  • PEPs terminate conns, graball TCP packets (in plain text) and re-routethem in newconnections
    • TCP PEP are notcompatiblewithIPsec Lostofconfidentialityon PEP
    • Maliciouslychangingroutingrules, TCP packet can bedroppedafter ACK transmission  Lostofreliabilityof TCP!

Workshop on "Data Security in Satellite Applications and INTERSECTION project"

intrusion detection system
Intrusion Detection System

1. Monitor SYN and FIN record

2. Monitor bytesover TCP conns

2. Monitor bytesover TCP conns

7. Disable PEP

7. Disable PEP

8. Fixproblem and enable PEP

8. Fixproblem and enable PEP

6. RunRemediation

5. RunAlarm

4. Combine data fromprobes <#SYN,byte1,byte2>

3. Collect Data fromprobes

Workshop on "Data Security in Satellite Applications and INTERSECTION project"

ids goal
IDS goal
  • Riskreduction!!!!
  • Riskdefinition (Re): source-unawaretrafficdropping
  • P(e): Likelihoodof the event
  • V(e): PEP adoption
  • D(e): Lostof data/Denialof Service

Reductionofthesefactors

Workshop on "Data Security in Satellite Applications and INTERSECTION project"

demo presentation
DEMO presentation
  • DEMO through a Satellite Network EmulatorPlatform
    • Reproductionof a DVB-RCS-like network
    • DAMA overreturn link; NCC functionalities
    • TCP client connectedto Satellite terminal
    • TCP server beyond Satellite Gateway

Earlyremediation

Start FTP upload

Manualattack detection

Start attack

Time

Ordinaryoperations

Attack

Detection

Remed.

TCP Client

TCP Client

TCP Client

PEP

GEO

MaliciousUser

GEO

PEP

PacketDropping

TCP Server

TCP Server

Workshop on "Data Security in Satellite Applications and INTERSECTION project"

move to emulator
Movetoemulator….

Workshop on "Data Security in Satellite Applications and INTERSECTION project"

result analysis
Resultanalysis

Workshop on "Data Security in Satellite Applications and INTERSECTION project"