HTTP! Encrypted! Information can be! Stolen through! TCP-windows
|
|
- David Hoover
- 6 years ago
- Views:
Transcription
1 HTTP! Encrypted! Information can be! Stolen through! TCP-windows by! Mathy Vanhoef & Tom Van Goethem
2 Agenda Technical background! Same-Origin Policy! Compression-based attacks! SSL/TLS & TCP! Nitty gritty HEIST details! Demo! Countermeasures 2
3 Same-Origin Policy GET /vault Mr. Sniffles 3
4 Same-Origin Policy GET /vault Mr. Sniffles 3
5 the World Wide Web Mr. Sniffles 4
6 the World Wide Web Mr. Sniffles 4
7 the World Wide Web GET /vault Mr. Sniffles HEIST 4
8 the World Wide Web GET /vault Mr. Sniffles HEIST 4
9 the World Wide Web GET /vault Mr. Sniffles HEIST 4
10 the World Wide Web GET /vault Mr. Sniffles HEIST 4
11 the World Wide Web GET /vault Mr. Sniffles HEIST 5
12 the World Wide Web GET /vault Mr. Sniffles HEIST 6
13 Agenda Technical background! Same-Origin Policy! Compression-based attacks! SSL/TLS & TCP! Nitty gritty HEIST details! Demo! Countermeasures 7
14 /vault Uncompressed Compressed You requested: /vault You requested: /vault vault_secret=carrots4life _secret=carrots4life 51 bytes 47 bytes 8
15 /vault?secret=a /vault?secret=c You requested: /vault?secret=a You requested: /vault?secret=c _ carrots4life _ arrots4life 50 bytes 49 bytes 9
16 /vault?secret=a /vault?secret=c You requested: You requested: /vault?secret=a /vault?secret=c 49 bytes < 50 bytes 'c' is a correct guess _ carrots4life _ arrots4life 50 bytes 49 bytes 10
17 /vault?secret=ca /vault?secret=cb You requested: /vault?secret=ca You requested: /vault?secret=cb _ rrots4life _ arrots4life 49 bytes 50 bytes 11
18 /vault?secret=ca /vault?secret=cb You requested: You requested: /vault?secret=ca /vault?secret=cb 49 bytes < 50 bytes 'ca' is a correct guess _ rrots4life _ arrots4life 49 bytes 50 bytes 12
19 Compression-based Attacks Compression and Information Leakage of Plaintext [FSE'02]! Chosen plaintext + compression = plaintext leakage! CRIME [ekoparty'12]! Exploits SSL compression! BREACH [Black Hat USA'13]! Exploits HTTP compression 13
20 Agenda Technical background! Same-Origin Policy! Compression-based attacks! SSL/TLS & TCP! Nitty gritty HEIST details! Demo! Countermeasures 14
21 GET /vault TCP handshake SYN SYN, ACK ACK SSL handshake Client Hello Server Hello Pre-Master Secret 15
22 GET /vault encrypt( GET /vault HTTP/1.1 Cookie: user=mr.sniffles! Host: bunnehbank.com!... ) 1 TCP data packet 16
23 encrypt( ) = 29 TCP data packets 17
24 encrypt( ) = 29 TCP data packets TCP packet 1 TCP packet 2 initcwnd = TCP packet 10 18
25 encrypt( ) = 29 TCP data packets TCP packet 1 TCP packet 2 initcwnd = TCP packet ACKs 18
26 encrypt( ) = 29 TCP data packets TCP packet 1 TCP packet 2 initcwnd = TCP packet ACKs cwnd = 20 18
27 encrypt( ) = 29 TCP data packets TCP packet 1 TCP packet 2 initcwnd = TCP packet ACKs cwnd = 20 TCP packet TCP packet 29 18
28 HEIST A set of techniques that allow attacker to determine the exact size of a network response!... purely in the browser! Can be used to perform compression-based attacks, such as CRIME and BREACH, in the browser 19
29 Browser Side-channels Send authenticated request to /vault resource! fetch(' {mode: "no-cors", credentials:"include"}) Returns a Promise, which resolves as soon as browser receives the first byte of the response performance.getentries()[-1].responseend Returns time when response was completely downloaded 20
30 HEIST Step 1: find out if response fits in a single TCP window 21
31 Fetching small resource: T2 - T1 is very small TCP handshake complete GET /vault first byte received initial TCP window received T1 T2 time initial TCP responseend fetch('...') window sent SSL handshake complete Promise resolves 22
32 Fetching large resource: T2 - T1 is round-trip time TCP handshake complete first byte received second TCP window received GET /vault initial TCP window received T1 T2 time initial TCP ACK sent responseend fetch('...') window sent SSL handshake complete Promise resolves second TCP window sent 23
33 HEIST Step 1: find out if response fits in a single TCP window! Step 2: discover exact response size 24
34 Discover Exact Response Size initcwnd second TCP window Resource size:?? bytes Reflected content: x bytes 25
35 Discover Exact Response Size initcwnd second TCP window Resource size:?? bytes Reflected content: x/2 bytes 26
36 Discover Exact Response Size initcwnd second TCP window Resource size:?? bytes Reflected content: x/2+x/4 bytes 27
37 After log(n) checks, we find:! y bytes of reflected content = 1 TCP window!! y+1 bytes of reflected content = 2 TCP windows resource size = initcwnd - y bytes initcwnd second TCP window Resource size:?? bytes Reflected content: y bytes 28
38 HEIST Step 1: find out if response fits in a single TCP window! Step 2: discover exact response size! Step 3: do the same for large responses ( > initcwnd) 29
39 Determine size of large responses Large response = bigger than initial TCP window initcwnd is typically set to 10 TCP packets! ~14kB! TCP windows grow as packets are acknowledged! We can arbitrarily increase window size 30
40 = 19 TCP data packets GET /foo CWND = TCP packets 10 ACKs CWND = 20 GET /vault 19 TCP packets 19 ACKs sent in single TCP window 31
41 HEIST Step 1: find out if response fits in a single TCP window! Step 2: discover exact response size! Step 3: do the same for large responses ( > initcwnd)! Step 4: if available, leverage HTTP/2 32
42 Leveraging HTTP/2 HTTP/2 is the new HTTP version! Preserves the semantics of HTTP! Main changes are on the network level! Only a single TCP connection is used for parallel requests 33
43 Leveraging HTTP/2 Determine exact response size without reflected content in the same response! Use (reflected) content in other responses on the same server! Note that BREACH still requires (a few bytes of) reflective content in the same resource 34
44 = 6 TCP packets /reflect?x=... = 3 TCP packets GET /reflect?x=... CWND = 10 GET /vault Promise 9 TCP packets resolves responseend 9 ACKs contains both /reflect and /vault 35
45 = 6 TCP packets /reflect?x=... = 5 TCP packets GET /reflect?x=... CWND = 10 GET /vault Promise 10 TCP packets resolves 10 ACKs 1 TCP packet CWND = 20 responseend 1 ACK contains both /reflect and part of /vault 36
46
47 DEMO 38
48 Other targets Compression-based attacks! gzip compression is used by virtually every website! Size-exposing attacks! Uncover victim's demographics from popular social networks! Reveal victim's health conditions from online health websites!...! Hard to find sites that are not vulnerable 39
49 Countermeasures Browser layer! Prevent side-channel leak (infeasible)! Disable third-party cookies (complete)! HTTP layer! Block illicit requests (inadequate)! Disable compression (incomplete)! Network layer! Randomize TCP congestion window (inadequate)! Apply random padding (inadequate) 40
50 Conclusion Collection of techniques to discover network response size in the browser, for all authenticated cross-origin resources! Side-channel originates from subtle interplay between multiple layers! Allows for compression-based and size-exposing attacks! HTTP/2 makes exploitation easier! Many countermeasures, few that actually work 41
51 Questions? Mathy Tom Van
A Perfect CRIME? TIME Will Tell. Tal Be ery, Imperva
A Perfect CRIME? TIME Will Tell Tal Be ery, Imperva Presenter: Tal Be ery, CISSP Web Security Research Team Leader at Imperva Holds MSc & BSc degree in CS/EE from TAU 10+ years of experience in IS domain
More informationRequest and Conquer: Exposing Cross-Origin Resource Size
Request and Conquer: Exposing Cross-Origin Resource Size Tom Van Goethem, Mathy Vanhoef, Frank Piessens, and Wouter Joosen, Katholieke Universiteit Leuven https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/goethem
More informationSecure Internet Communication
Secure Internet Communication Can we prevent the Cryptocalypse? Dr. Gregor Koenig Barracuda Networks AG 09.04.2014 Overview Transport Layer Security History Orientation Basic Functionality Key Exchange
More informationOverview of SSL/TLS. Luke Anderson. 12 th May University Of Sydney.
Overview of SSL/TLS Luke Anderson luke@lukeanderson.com.au 12 th May 2017 University Of Sydney Overview 1. Introduction 1.1 Raw HTTP 1.2 Introducing SSL/TLS 2. Certificates 3. Attacks Introduction Raw
More informationTransport Layer Security
CEN585 Computer and Network Security Transport Layer Security Dr. Mostafa Dahshan Department of Computer Engineering College of Computer and Information Sciences King Saud University mdahshan@ksu.edu.sa
More informationKey Reinstallation Attacks: Forcing Nonce Reuse in WPA2. Mathy CCS 2017, 1 October 2017
Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 Mathy Vanhoef @vanhoefm CCS 2017, 1 October 2017 Overview Key reinstalls in 4-way handshake Misconceptions Practical impact Lessons learned 2 Overview
More informationCSCI 466 Midterm Networks Fall 2013
CSCI 466 Midterm Networks Fall 2013 Name: This exam consists of 6 problems on the following 7 pages. You may use your single-sided hand-written 8 ½ x 11 note sheet and a calculator during the exam. No
More informationWiFuzz: Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake
WiFuzz: Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake Mathy Vanhoef - @vanhoefm imec-distrinet, KU Leuven Black Hat, 27 July 2017 Introduction More and more Wi-Fi network
More informationPETAL: Preset Encoding Table Information Leakage
PETAL: Preset Encoding Table Information Leakage Jiaqi Tan, Jayvardhan Nahata Contact: tanjiaqi@cmu.edu CMU-PDL-13-106 April 2013 Parallel Data Laboratory Carnegie Mellon University Pittsburgh, PA 15213-3890
More informationAll Your Biases Belong To Us: Breaking RC4 in WPA-TKIP and TLS
All Your Biases Belong To Us: Breaking RC4 in WPA-TKIP and TLS Mathy Vanhoef and Frank Piessens, KU Leuven USENIX Security 2015 RC4 Intriguingly simple stream cipher WEP WPA-TKIP SSL / TLS PPP/MPPE And
More informationTransport Layer Security
Transport Layer Security TRANSPORT LAYER SECURITY PERFORMANCE TESTING OVERVIEW Transport Layer Security (TLS) and its predecessor Secure Sockets Layer (SSL), are the most popular cryptographic protocols
More informationInternet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.
Internet Layers Application Application Transport Transport Network Network Network Network Link Link Link Link Ethernet Fiber Optics Physical Layer Wi-Fi ARP requests and responses IP: 192.168.1.1 MAC:
More informationTLS1.2 IS DEAD BE READY FOR TLS1.3
TLS1.2 IS DEAD BE READY FOR TLS1.3 28 March 2017 Enterprise Architecture Technology & Operations Presenter Photo Motaz Alturayef Jubial Cyber Security Conference 70% Privacy and security concerns are
More informationAttacks Against Websites. Tom Chothia Computer Security, Lecture 11
Attacks Against Websites Tom Chothia Computer Security, Lecture 11 A typical web set up TLS Server HTTP GET cookie Client HTML HTTP file HTML PHP process Display PHP SQL Typical Web Setup HTTP website:
More informationNovel Instruction Set Architecture Based Side Channels in popular SSL/TLS Implementations
Novel Instruction Set Architecture Based Side Channels in popular SSL/TLS Implementations Student Name: Vaishali Garg IIIT-D-MTech-CS-IS-13-018 Indraprastha Institute of Information Technology New Delhi
More informationFrequently Asked Questions WPA2 Vulnerability (KRACK)
Frequently Asked Questions WPA2 Vulnerability (KRACK) Release Date: October 20, 2017 Document version: 1.0 What is the issue? A research paper disclosed serious vulnerabilities in the WPA and WPA2 key
More informationNew Zealand Cyber Security Challenge 2018 Round Zero write-up
New Zealand Cyber Security Challenge 2018 Round Zero write-up Challenge 1 This is a simple challenge that can be solved using your browser s developer tools (right-click, inspect element). You will notice
More informationKey Reinstallation Attacks: Forcing Nonce Reuse in WPA2. Mathy Vanhoef, PhD Wi-Fi Alliance meeting Bucharest, 24 October 2017
Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 Mathy Vanhoef, PhD Wi-Fi Alliance meeting Bucharest, 24 October 2017 Overview 1. Key reinstallation in 4-way handshake 2. Misconceptions and remarks
More informationKRACKing WPA2 by Forcing Nonce Reuse. Mathy Nullcon, 2 March 2018
KRACKing WPA2 by Forcing Nonce Reuse Mathy Vanhoef @vanhoefm Nullcon, 2 March 2018 Introduction PhD Defense, July 2016: You recommend WPA2 with AES, but are you sure that s secure? Seems so! No attacks
More informationTLS Security and Future
TLS Security and Future Martin Stanek Department of Computer Science Comenius University stanek@dcs.fmph.uniba.sk Cryptology 1 (2017/18) Content Fixing issues in practice Trust, Checking certificates and
More informationTransport Level Security
2 Transport Level Security : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l12, Steve/Courses/2013/s2/css322/lectures/transport.tex,
More informationRelease Notes for Epilog for Windows Release Notes for Epilog for Windows v1.7
Release Notes for Epilog for Windows v1.7 InterSect Alliance International Pty Ltd Page 1 of 16 About this document This document provides release notes for Snare Enterprise Epilog for Windows release.
More informationOWASP Thailand. Proxy Caches and Web Application Security. OWASP AppSec Asia October 21, Using the Recent Google Docs 0-Day as an Example
Proxy Caches and Web Application Security Using the Recent Google Docs 0-Day as an Example Tim Bass, CISSP Chapter Leader, Thailand +66832975101, tim@unix.com AppSec Asia October 21, 2008 Thailand Worldwide
More informationKRACKing WPA2 by Forcing Nonce Reuse. Mathy Chaos Communication Congress (CCC), 27 December 2017
KRACKing WPA2 by Forcing Nonce Reuse Mathy Vanhoef @vanhoefm Chaos Communication Congress (CCC), 27 December 2017 Introduction PhD Defense, July 2016: You recommend WPA2 with AES, but are you sure that
More informationNetwork Security Technology Project
Network Security Technology Project Shanghai Jiao Tong University Presented by Wei Zhang zhang-wei@sjtu.edu.cn!1 Part I Implement the textbook RSA algorithm. The textbook RSA is essentially RSA without
More informationKRACKing WPA2 in Practice Using Key Reinstallation Attacks. Mathy BlueHat IL, 24 January 2018
KRACKing WPA2 in Practice Using Key Reinstallation Attacks Mathy Vanhoef @vanhoefm BlueHat IL, 24 January 2018 Overview Key reinstalls in 4-way handshake Misconceptions Practical impact Lessons learned
More informationDefeating All Man-in-the-Middle Attacks
Defeating All Man-in-the-Middle Attacks PrecisionAccess Vidder, Inc. Defeating All Man-in-the-Middle Attacks 1 Executive Summary The man-in-the-middle attack is a widely used and highly preferred type
More informationComputer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 10r. Recitation assignment & concept review Paul Krzyzanowski Rutgers University Spring 2018 April 3, 2018 CS 419 2018 Paul Krzyzanowski 1 1. What is a necessary condition for perfect
More informationLecture 10. Denial of Service Attacks (cont d) Thursday 24/12/2015
Lecture 10 Denial of Service Attacks (cont d) Thursday 24/12/2015 Agenda DoS Attacks (cont d) TCP DoS attacks DNS DoS attacks DoS via route hijacking DoS at higher layers Mobile Platform Security Models
More informationCryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea
Cryptography SSL/TLS Network Security Workshop 3-5 October 2017 Port Moresby, Papua New Guinea 1 History Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent
More informationSharkFest 17 Europe. 20 QUIC Dissection. Using Wireshark to Understand QUIC Quickly. Megumi Takeshita. ikeriri network service
SharkFest 17 Europe 20 QUIC Dissection Using Wireshark to Understand QUIC Quickly ParkSuite Classroom 11 November 2017 11:15am-12:30pm Megumi Takeshita ikeriri network service supplimental files http://www.ikeriri.ne.jp/sharkfest
More informationTLS 1.1 Security fixes and TLS extensions RFC4346
F5 Networks, Inc 2 SSL1 and SSL2 Created by Netscape and contained significant flaws SSL3 Created by Netscape to address SSL2 flaws TLS 1.0 Standardized SSL3 with almost no changes RFC2246 TLS 1.1 Security
More informationInitial connection setup. Adding subflow setup. Three-way handshake with MP_CAPABLE Exchange 64 bit key(key-a, Key-B)
- 2 - Despite the short history, Multipath TCP(MPTCP) prevails drastically As MPTCP was deployed, security concerns increase There have been multiple attempts at verifications to security of MPTCP Initial
More informationBreaking Korea Transit Card with Side-Channel Attack
Breaking Korea Transit Card with Side-Channel Attack -Unauthorized Recharging- Black Hat Asia 2017 Tae Won Kim, Tae Hyun Kim, and Seokhie Hong Outline 1. Attack Goal & Scenario 2. Target Device Details
More informationECE 435 Network Engineering Lecture 10
ECE 435 Network Engineering Lecture 10 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 28 September 2017 Announcements HW#4 was due HW#5 will be posted. midterm/fall break You
More informationAn Investigation of the FreeBSD r RNG Bugfix
Manuscript. First posted online October 3, 2016. An Investigation of the FreeBSD r278907 RNG Bugfix Wilson Lian Hovav Shacham Stefan Savage Abstract Operating systems and applications rely on random number
More informationSecurity and Authentication
Security and Authentication CS 370 SE Practicum, Cengiz Günay (Some slides courtesy of Eugene Agichtein and the Internets) CS 370, Günay (Emory) Security and Authentication Spring 2014 1 / 15 Agenda Upcoming
More informationBut where'd that extra "s" come from, and what does it mean?
SSL/TLS While browsing Internet, some URLs start with "http://" while others start with "https://"? Perhaps the extra "s" when browsing websites that require giving over sensitive information, like paying
More informationSPDY - A Web Protocol. Mike Belshe Velocity, Dec 2009
SPDY - A Web Protocol Mike Belshe Velocity, Dec 2009 What is SPDY? Concept SPDY is an application layer protocol for transporting content over the web with reduced latency. Basic Features 1. Multiplexed
More informationHP 2012 Cyber Security Risk Report Overview
HP 2012 Cyber Security Risk Report Overview September 2013 Paras Shah Software Security Assurance - Canada Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject
More information20: Networking (2) TCP Socket Buffers. Mark Handley. TCP Acks. TCP Data. Application. Application. Kernel. Kernel. Socket buffer.
20: Networking (2) Mark Handley TCP Socket Buffers Application Application Kernel write Kernel read Socket buffer Socket buffer DMA DMA NIC TCP Acks NIC TCP Data 1 TCP Socket Buffers Send-side Socket Buffer
More informationIntroduction to Wireshark
1 Introduction to Wireshark By Kitisak Jirawannakool E-Government Agency (Public Organization) 2 Agenda What is Network monitoring? Why we need? About wireshark? Demo Exercises What is Network Monitoring?
More informationWashington State University CptS 455 Sample Final Exam (corrected 12/11/2011 to say open notes) A B C
Washington State University CptS 455 Sample Final Exam (corrected 12/11/2011 to say open notes) Your name: This exam consists 13 numbered problems on 6 pages printed front and back on 3 sheets. Please
More informationCSE/EE 461 Lecture 13 Connections and Fragmentation. TCP Connection Management
CSE/EE 461 Lecture 13 Connections and Fragmentation Tom Anderson tom@cs.washington.edu Peterson, Chapter 5.2 TCP Connection Management Setup assymetric 3-way handshake Transfer sliding window; data and
More informationExperimental Evaluation of Transport Services CoAP, HTTP and SPDY for Internet of Things
Experimental Evaluation of Transport Services CoAP, HTTP and SPDY for Internet of Things Laila Daniel, Markku Kojo and Mikael Latvala Department of Computer Science University of Helsinki Mosa Consulting,
More informationClosed book. Closed notes. No electronic device.
414-S17 (Shankar) Exam 3 PRACTICE PROBLEMS Page 1/6 Closed book. Closed notes. No electronic device. 1. Anonymity Sender k-anonymity Receiver k-anonymity Authoritative nameserver Autonomous system BGP
More informationThe World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to
1 The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to compromises of various sorts, with a range of threats
More informationInternet security and privacy
Internet security and privacy SSL/TLS 1 Application layer App. TCP/UDP IP L2 L1 2 Application layer App. SSL/TLS TCP/UDP IP L2 L1 3 History of SSL/TLS Originally, SSL Secure Socket Layer, was developed
More informationAttacks on SSL/TLS. Applied Cryptography. Andreas Hülsing (Slides mostly by Ruben Niederhagen) Dez. 6th, 2016
Attacks on SSL/TLS Applied Cryptography Andreas Hülsing (Slides mostly by Ruben Niederhagen) Dez. 6th, 2016 Timeline of attacks on SSL/TLS 2/41 SSLstrip 2010 2011 2012 2013 2014 2015 2016 BEAST POODLE
More informationCS 361S - Network Security and Privacy Spring Homework #2
CS 361S - Network Security and Privacy Spring 2014 Homework #2 Due: 11am CDT (in class), April 17, 2014 YOUR NAME: Collaboration policy No collaboration is permitted on this assignment. Any cheating (e.g.,
More informationOCSP Stapling. Let the web server protect the users! SWITCHpki Team Bern, SWITCH 1
Stapling Let the web server protect the users! SWITCHpki Team pki@switch.ch Bern, 29.03.2017 2017 SWITCH 1 Rejecting Revoked Certificates Web browsers should check whether a web server's SSL certificate
More informationRooting Routers Using Symbolic Execution. Mathy HITB DXB 2018, Dubai, 27 November 2018
Rooting Routers Using Symbolic Execution Mathy Vanhoef @vanhoefm HITB DXB 2018, Dubai, 27 November 2018 Overview Symbolic Execution 4-way handshake Handling Crypto Results 2 Overview Symbolic Execution
More informationWhen HTTPS Meets CDN
When HTTPS Meets CDN A Case of Authentication in Delegated Service Jinjin Liang 1, Jian Jiang 1, Haixin Duan 1, Kang Li 2, Tao Wan 3, Jianping Wu 1 1 Tsinghua University 2 University of Georgia 3 Huawei
More informationCIS 5373 Systems Security
CIS 5373 Systems Security Topic 1: Introduction to Systems Security Endadul Hoque 1 Why should you care? Security impacts our day-to-day life Become a security-aware user Make safe decisions Become a security-aware
More informationMicro-Architectural Attacks and Countermeasures
Micro-Architectural Attacks and Countermeasures Çetin Kaya Koç koc@cs.ucsb.edu Çetin Kaya Koç http://koclab.org Winter 2017 1 / 25 Contents Micro-Architectural Attacks Cache Attacks Branch Prediction Attack
More informationImma Chargin Mah Lazer
Imma Chargin Mah Lazer How to protect against (D)DoS attacks Oliver Matula omatula@ernw.de #2 Denial of Service (DoS) Outline Why is (D)DoS protection important? Infamous attacks of the past What types
More informationTopics. Ensuring Security on Mobile Devices
Ensuring Security on Mobile Devices It is possible right? Topics About viaforensics Why mobile security matters Types of security breaches and fraud Anticipated evolution of attacks Common mistakes that
More informationWhy WAN accelerators (still) matter? Andrea Dainese Data Center Engineer
Why WAN accelerators (still) matter? Data Center Engineer Presentation Data Center Engineer @ Cerved Group SpA Red Hat RHCE VMware VCP-DCV NetApp NCIE-SAN Cisco CCIE Who is Andrea Dainese Cisco Architecture
More informationRelease note Tornaborate
Release note 1.2.6 Tornaborate 2015-09-10 Contents 1 Summary 4 2 Additional important information about this release 5 3 Upgrade 6 3.1 Prerequisites................................... 6 3.2 How to apply
More informationNetwork Vulnerability Scan
Network Vulnerability Scan Aug 28, 2018 Ethnio, Inc. 6121 W SUNSET BLVD LOS angeles, CA 90028 Tel (888) 879-7439 ETHN.io Summary Ethnio conducts ongoing network vulnerability scans using both Qualys and
More informationSSL/TLS. How to send your credit card number securely over the internet
SSL/TLS How to send your credit card number securely over the internet The security provided by SSL SSL is implemented at level 4 The transport control layer In practice, SSL uses TCP sockets The underlying
More informationLecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.
15-441 Lecture Nov. 21 st 2006 Dan Wendlandt Worms & Viruses Phishing End-host impersonation Denial-of-Service Route Hijacks Traffic modification Spyware Trojan Horse Password Cracking IP Spoofing DNS
More informationDenial of Service. EJ Jung 11/08/10
Denial of Service EJ Jung 11/08/10 Pop Quiz 3 Write one thing you learned from today s reading Write one thing you liked about today s reading Write one thing you disliked about today s reading Announcements
More informationSSL/TLS & 3D Secure. CS 470 Introduction to Applied Cryptography. Ali Aydın Selçuk. CS470, A.A.Selçuk SSL/TLS & 3DSec 1
SSL/TLS & 3D Secure CS 470 Introduction to Applied Cryptography Ali Aydın Selçuk CS470, A.A.Selçuk SSL/TLS & 3DSec 1 SSLv2 Brief History of SSL/TLS Released in 1995 with Netscape 1.1 Key generation algorithm
More informationHTTPS Setup using mod_ssl on CentOS 5.8. Jeong Chul. tland12.wordpress.com. Computer Science ITC and RUPP in Cambodia
HTTPS Setup using mod_ssl on CentOS 5.8 Jeong Chul tland12.wordpress.com Computer Science ITC and RUPP in Cambodia HTTPS Setup using mod_ssl on CentOS 5.8 Part 1 Basic concepts on SSL Step 1 Secure Socket
More informationWHITE PAPER. Secure communication. - Security functions of i-pro system s
WHITE PAPER Secure communication - Security functions of i-pro system s Panasonic Video surveillance systems Table of Contents 1. Introduction... 1 2. Outline... 1 3. Common security functions of the i-pro
More informationDrone /12/2018. Threat Model. Description. Threats. Threat Source Risk Status Date Created
Drone - 2 04/12/2018 Threat Model Description Threats Threat Source Risk Status Date Created Mobile Phone: Sensitive Data Leakage Smart Devices Mobile Phone: Session Hijacking Smart Devices Mobile Phone:
More informationTLS (TRANSPORT LAYER SECURITY) PROTOCOL
TLS ATTACKS CHRISTA PHILIPPOU PROFESOR: ELIAS AHANASOPOULOS UNIVERSITY OF CYPRUS EPL 682 ADVANCED SECURITY TOPICS Ø ON THE EFFECTIVE PREVENTION OF TLS MAN-IN-THE-MIDDLE ATTACKS IN WEB APPLICATIONS. USENIX
More informationWAP Security. Helsinki University of Technology S Security of Communication Protocols
WAP Security Helsinki University of Technology S-38.153 Security of Communication Protocols Mikko.Kerava@iki.fi 15.4.2003 Contents 1. Introduction to WAP 2. Wireless Transport Layer Security 3. Other WAP
More informationImproving TCP/IP Security Through Randomization Without Sacrificing Interoperability. Michael J. Silbersack. November 26th, 2005
Improving TCP/IP Security Through Randomization Without Sacrificing Interoperability Michael J. Silbersack November 26th, 2005 http://www.silby.com/eurobsdcon05/ What does that title mean? TCP was not
More informationNo, the bogus packet will fail the integrity check (which uses a shared MAC key).!
1. High level questions a. Suppose Alice and Bob are communicating over an SSL session. Suppose an attacker, who does not have any of the shared keys, inserts a bogus TCP segment into a packet stream with
More informationImproved KRACK Attacks Against WPA2 Implementations. Mathy OPCDE, Dubai, 7 April 2018
Improved KRACK Attacks Against WPA2 Implementations Mathy Vanhoef @vanhoefm OPCDE, Dubai, 7 April 2018 Overview Key reinstalls in 4-way handshake New KRACKs Practical impact Lessons learned 2 Overview
More informationDenial of Service (DoS) attacks and countermeasures
Dipartimento di Informatica Università di Roma La Sapienza Denial of Service (DoS) attacks and countermeasures Definitions of DoS and DDoS attacks Denial of Service (DoS) attacks and countermeasures A
More informationMTAT Applied Cryptography
MTAT.07.017 Applied Cryptography Transport Layer Security (TLS) University of Tartu Spring 2017 1 / 22 Transport Layer Security TLS is cryptographic protocol that provides communication security over the
More informationHTTPS is Fast and Hassle-free with Cloudflare
HTTPS is Fast and Hassle-free with Cloudflare 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.com In the past, organizations had to choose between performance and security when encrypting their
More informationGETTING THE MOST OUT OF EVIL TWIN
GETTING THE MOST OUT OF EVIL TWIN B-SIDES ATHENS 2016 GEORGE CHATZISOFRONIOU (@_sophron) sophron@census-labs.com www.census-labs.com > WHOAMI Security Engineer at CENSUS S.A. Cryptography, Wi-Fi hacking,
More informationPerslink Security. Perslink Security. Eleonora Petridou Pascal Cuylaerts. System And Network Engineering University of Amsterdam.
Eleonora Petridou Pascal Cuylaerts System And Network Engineering University of Amsterdam June 30, 2011 Outline Research question About Perslink Approach Manual inspection Automated tests Vulnerabilities
More informationECE 435 Network Engineering Lecture 10
ECE 435 Network Engineering Lecture 10 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 4 October 2018 Announcements HW#4 was due HW#5 will be posted. midterm/fall break You ll
More informationEthical Hacking and Countermeasures: Web Applications, Second Edition. Chapter 3 Web Application Vulnerabilities
Ethical Hacking and Countermeasures: Web Chapter 3 Web Application Vulnerabilities Objectives After completing this chapter, you should be able to: Understand the architecture of Web applications Understand
More informationBefore beginning this lab, you ll probably want to review sections 3.5 and 3.7 in the text.
Ethereal Lab: TCP In this lab, we ll investigate the behavior of TCP in detail. We ll do so by analyzing a trace of the TCP segments sent and received in transferring a 150KB file (containing the text
More informationW e b A p p l i c a t i o n S e c u r i t y : T h e D e v i l i s i n t h e D e t a i l s
W e b A p p l i c a t i o n S e c u r i t y : T h e D e v i l i s i n t h e D e t a i l s Session I of III JD Nir, Security Analyst Why is this important? ISE Proprietary Agenda About ISE Web Applications
More information90 Minute Optimization Life Cycle
90 Minute Optimization Life Cycle Fast by Default before our eyes Author of presentation Today s Hosts Hooman Beheshti VP Products Strangeloop Joshua Bixby President Strangeloop 2010 Strangeloop Networks
More informationAIT 682: Network and Systems Security
AIT 682: Network and Systems Security Final Exam Review Instructor: Dr. Kun Sun Topics covered by Final Topic before Midterm 10% Topic after Midterm 90% Date: 12/13/2017 7:30am 10:15am Place: the same
More informationOSI Session / presentation / application Layer. Dr. Luca Allodi - Network Security - University of Trento, DISI (AA 2015/2016)
OSI Session / presentation / application Layer Dr. Luca Allodi - Network Security - University of Trento, DISI (AA 2015/2016) 1 Higher level protocols On top of IP, TCP, UDP, etc. there are a plethora
More informationELEC5616 COMPUTER & NETWORK SECURITY
ELEC5616 COMPUTER & NETWORK SECURITY Lecture 17: Network Protocols I IP The Internet Protocol (IP) is a stateless protocol that is used to send packets from one machine to another using 32- bit addresses
More informationCommunication Networks ( ) / Fall 2013 The Blavatnik School of Computer Science, Tel-Aviv University. Allon Wagner
Communication Networks (0368-3030) / Fall 2013 The Blavatnik School of Computer Science, Tel-Aviv University Allon Wagner Several slides adapted from a presentation made by Dan Touitou on behalf of Cisco.
More informationDissecting Data Breaches. What Keeps Going Wrong?
Dissecting Data Breaches What Keeps Going Wrong? 02 WHO WE ARE Tom Stewart Uriah Robins Senior Manager IT Consulting Protiviti Senior Consultant IT Consulting Protiviti PRESENTATION AGENDA 3 START BREACH
More informationSCTP: A new networking protocol for super-computing. Mohammed Atiquzzaman Shaojian Fu Department of Computer Science University of Oklahoma.
SCTP: A new networking protocol for super-computing Mohammed Atiquzzaman Shaojian Fu Department of Computer Science University of Oklahoma. atiq@ou ou.edu Networking Characteristics in Supercomputing High
More informationSecurity issues: Encryption algorithms. Threats Methods of attack. Secret-key Public-key Hybrid protocols. CS550: Distributed OS.
Security issues: Threats Methods of attack Encryption algorithms Secret-key Public-key Hybrid protocols Lecture 15 Page 2 1965-75 1975-89 1990-99 Current Platforms Multi-user timesharing computers Distributed
More informationCS 161 Computer Security
Raluca Ada Popa Spring 2018 CS 161 Computer Security Discussion 7 Week of March 5, 2018 Question 1 DHCP (5 min) Professor Raluca gets home after a tiring day writing papers and singing karaoke. She opens
More informationSecuring Internet Communication: TLS
Securing Internet Communication: TLS CS 161: Computer Security Prof. David Wagner March 11, 2016 Today s Lecture Applying crypto technology in practice Two simple abstractions cover 80% of the use cases
More informationAN TOÀN LỚP 4: TCP/IP ATTACKS NGUYEN HONG SON PTITHCM
1 AN TOÀN LỚP 4: TCP/IP ATTACKS NGUYEN HONG SON PTITHCM 2 Introduction (1/2) TCP provides a full duplex reliable stream connection between two end points A connection is uniquely defined by the quadruple
More informationCSE 473 Introduction to Computer Networks. Final Exam. Your name here: 12/17/2012
CSE 473 Introduction to Computer Networks Jon Turner Final Exam Your name here: 12/17/2012 1. (8 points). The figure below shows a network path connecting a server to a client. 200 km 2000 km 2 km X Y
More informationUMSSIA DAY VI: ARE WE THERE YET?
UMSSIA DAY VI: ARE WE THERE YET? CRYPTO PROTOCOLS Good crypto algorithms are hard to design but easy to find on the web. Building robust security protocols, even from secure algorithms, is also hard. Subtle
More informationAnonymity C S A D VA N C E D S E C U R I T Y TO P I C S P R E S E N TAT I O N BY: PA N AY I OTO U M A R KO S 4 T H O F A P R I L
Anonymity C S 6 8 2 A D VA N C E D S E C U R I T Y TO P I C S P R E S E N TAT I O N BY: PA N AY I OTO U M A R KO S 4 T H O F A P R I L 2 0 1 9 Tor: The Second- Generation Onion Router R. DINGLEDINE N.
More informationTCP Congestion Control With a Misbehaving Receiver
TCP Congestion Control With a Misbehaving Receiver Stefan Savage, Neal Cardwell, David Wetherall and Tom Anderson - Pavan Kumar Panjam Congestion Control Congestion is a situation in Communication Networks
More informationChapter 2 Application Layer. Lecture 4: principles of network applications. Computer Networking: A Top Down Approach
Chapter 2 Application Layer Lecture 4: principles of network applications Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Application Layer 2-1 Chapter
More informationWIRESHARK Introduction 18532
WIRESHARK Introduction 18532 Insert Custom Session QR if Desired. How to efficiently use the Most Popular Network Analysis Tool Thursday, March 3, 2016: 12:30 PM-1:30 PM Matthias Burkhard IBM Germany de.linkedin.com/in/mreede
More informationE-commerce security: SSL/TLS, SET and others. 4.1
E-commerce security: SSL/TLS, SET and others. 4.1 1 Electronic payment systems Purpose: facilitate the safe and secure transfer of monetary value electronically between multiple parties Participating parties:
More informationCS Paul Krzyzanowski
Computer Security 17. Tor & Anonymous Connectivity Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2018 1 2 Anonymity on the Internet Often considered bad Only criminals need to hide
More information