SOS: Secure Overlay Services
A. Keromytis, V. Misra, and D. Rubenstein
Presented by Tsirbas Rafail
The main components
• Target
• Legitimate user
• Attacker
The basic idea
• DoS attacks succeed because the target is easy to find
• SOS Idea: Create an overlay and send the traffic through it
The Goal
• Allow already approved users to communicate with a target
• Prevent attackers' packets from reaching the target
• The solution must be easy to distribute
1st Step - Filter
• Routers near target filter packets according to their IP address
– Legitimate users' IP addresses allowed through
– Illegitimate users' IP addresses aren't
Problems:
I) "good" and "bad" user share the same IP address
II) "bad" user knows "good" user's IP
III) "good" user changes IP frequently
[Figure: Filter, Target]
2nd Step - Proxy
• Install Proxies outside the filter whose IP addresses are permitted through the filter
– Proxy only lets verified packets from legitimate sources through the filter
Problem:
I) Attacker pretends to be the proxy
II) Attacker attacks the proxy
[Figure: Proxy, Target]
3rd Step – Secret Servlet
• Keep the identity of the proxy secret
– Name it Secret Servlet
– Secret Servlet is known only by the target, and a few other points in the network
4th Step – Overlays
• Send traffic to the secret servlet via a network overlay
– Nodes: Devices
– Paths: IP paths
Verification can be performed inside each node
[Figure: network overlay of nodes]
5th Step – SOAP
• Secure Overlay Access Points
– Receive unverified packets and verify (IPsec, TLS)
– Large number of SOAPs
– Distributed firewall
[Figure: SOAPs, overlay nodes]
Routing inside SOS
• Random route until secure servlet is reached (Inefficient)
• Instead use Chord service (hash function)
• Reaches a unique node called beacon
• Secret servlet, target inform beacon
[Figure: SOAPs, overlay nodes, beacon]
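The beacon lookup described on this slide, as an added example that is not code from the SOS authors or the presenter: both the target side and a SOAP hash the target's name onto the identifier ring and take the successor node as the beacon. Assumptions: the node names, `target.example`, the 32-bit ring, three salted hash functions, and a global sorted view of the ring in place of Chord's finger-table lookup.

```python
import bisect
import hashlib

RING_BITS = 32  # assumption: small identifier space for readability

def ring_id(value: str, salt: str = "") -> int:
    # Salted SHA-1 mapped onto the ring; each salt acts as one hash function.
    digest = hashlib.sha1((salt + value).encode()).digest()
    return int.from_bytes(digest, "big") % (1 << RING_BITS)

class Overlay:
    def __init__(self, node_names):
        self.ring = sorted((ring_id(n), n) for n in node_names)
        self.beacon_state = {}  # beacon name -> {target: secret servlet}

    def successor(self, key: int) -> str:
        """First node clockwise from key, wrapping around the ring."""
        ids = [node_id for node_id, _ in self.ring]
        return self.ring[bisect.bisect_left(ids, key) % len(self.ring)][1]

    def beacons(self, target: str, count: int = 3):
        """One beacon per hash function, duplicates dropped, order kept."""
        found = []
        for k in range(count):
            name = self.successor(ring_id(target, salt=f"h{k}:"))
            if name not in found:
                found.append(name)
        return found

    def announce(self, target: str, servlet: str):
        """Target side: inform every beacon which node is the secret servlet."""
        for beacon in self.beacons(target):
            self.beacon_state.setdefault(beacon, {})[target] = servlet

    def route(self, target: str):
        """SOAP side: hash the target and ask beacons until one knows the servlet."""
        for beacon in self.beacons(target):
            servlet = self.beacon_state.get(beacon, {}).get(target)
            if servlet is not None:
                return beacon, servlet
        return None

    def remove(self, name: str):
        # Drop a node from the ring, e.g. one taken out of service.
        self.ring = [(i, n) for i, n in self.ring if n != name]
        self.beacon_state.pop(name, None)

if __name__ == "__main__":
    overlay = Overlay([f"node{i}" for i in range(50)])  # constructed names
    overlay.announce("target.example", "node7")
    print(overlay.beacons("target.example"), overlay.route("target.example"))
```

The SOAP never needs to know the secret servlet in advance: it only needs the target's name and the shared hash functions.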
Overview of SOS
[Figure: User, SOAPs, overlay nodes, beacons, Secure Servlets, Target]
Attacking SOS
• You cannot directly attack target
• Attack secret servlet
• Attack beacons
• Attack other overlay nodes
Attacking Analysis
Static Attack
• N # of nodes in the overlay
• SOAP = 10
• Beacon = 10
• Secure Servlet = 10
In order to have a successful DoS attack almost all overlay nodes must be compromised!
Attacking Analysis
Static Attack
• Overlay Nodes
• Compromised Nodes
• Change the number of beacons/servlets
In order to have a successful DoS attack number of beacons must be quite small!
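The two static-attack slides can be checked with a short calculation, added here as an example that is not from the paper or the presentation. Assumptions: the attacker takes out a uniformly random set of overlay nodes, the three roles are held by disjoint sets of nodes, the attack succeeds when every node of at least one role is taken out, and N = 1000 in the demo (the slides give no value for N).

```python
from fractions import Fraction
from itertools import combinations
from math import comb

def p_all_hit(n_nodes: int, n_attacked: int, k: int) -> Fraction:
    """P(a fixed set of k nodes lies entirely inside the attacked set)."""
    if k > n_attacked:
        return Fraction(0)
    return Fraction(comb(n_nodes - k, n_attacked - k), comb(n_nodes, n_attacked))

def p_attack_succeeds(n_nodes: int, n_attacked: int,
                      role_sizes=(10, 10, 10)) -> Fraction:
    """P(all SOAPs, or all beacons, or all secret servlets are attacked).

    role_sizes = (SOAPs, beacons, servlets). Inclusion-exclusion over the
    roles; since the role sets are disjoint, "roles A and B both wiped out"
    is the event that a fixed set of |A| + |B| nodes is attacked.
    """
    if sum(role_sizes) > n_nodes or not 0 <= n_attacked <= n_nodes:
        raise ValueError("inconsistent overlay or attack size")
    total = Fraction(0)
    for r in range(1, len(role_sizes) + 1):
        sign = 1 if r % 2 else -1
        for subset in combinations(role_sizes, r):
            total += sign * p_all_hit(n_nodes, n_attacked, sum(subset))
    return total

if __name__ == "__main__":
    N = 1000  # assumed overlay size, not from the slides
    for attacked in (100, 500, 900, 990):
        ten = float(p_attack_succeeds(N, attacked))
        one = float(p_attack_succeeds(N, attacked, (10, 1, 10)))
        print(f"{attacked:4d} attacked: 10 beacons {ten:.3g}, 1 beacon {one:.3g}")
```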
Attacking Analysis
• Dynamic Attacks
– SOS detects & removes attacked nodes
– Attacker shifts from a removed node to an active one
• Overlay Nodes
• Change the value of r
Conclusions
• SOS protects a target from DoS attacks
• How?
– Filter around the target
– Hidden proxies
– Network overlay for legitimate users to reach hidden proxies