Lecture 10. Denial of Service Attacks (cont d) Thursday 24/12/2015
|
|
- Clifford Moses Alexander
- 5 years ago
- Views:
Transcription
1 Lecture 10 Denial of Service Attacks (cont d) Thursday 24/12/2015
2 Agenda DoS Attacks (cont d) TCP DoS attacks DNS DoS attacks DoS via route hijacking DoS at higher layers Mobile Platform Security Models Apple ios Security Android OS Security Windows 7, 8 OS Security
3 Review: IP Header format Connectionless Unreliable Best effort Min size around 20 bytes
4 TCP: Review: TCP Header format Session based Congestion control In order delivery Min size of TCP header around 20 bytes (assuming zero data)
5 Review: TCP Handshake
6 TCP SYN Flood I: low rate (DoS bug) Single machine: SYN Packets with random source IP addresses Fills up backlog queue on server No further connections possible
7 SYN Floods (phrack 48, no 13, 1996) Backlog timeout: 3 minutes Attacker need only send 128 SYN packets every 3 minutes Low rate SYN flood (around 102 Kbytes/s)
8 Low rate SYN flood defenses Non-solution: Increase backlog queue size or decrease timeout Correct solution (when under attack) : Syncookies: remove state from server Small performance overhead
9 Syncookies Idea: use secret key and data in packet to generate server SN S Server responds to Client with SYN-ACK cookie: T = 5-bit counter incremented every 64 secs. L = MAC key (SAddr, SPort, DAddr, DPort, SN C, T) [24 bits] key: picked at random during boot SN S = (T. mss. L) ( L = 24 bits ), mss: maximum segment size Server does not save state (other TCP options are lost) Honest client responds with ACK (AN= SN S, SN= SN C +1) Server allocates space for socket only if valid SN S
10 SYN floods: backscatter SYN with forged source IP SYN/ACK to random host
11 SYN Floods II: Massive flood Command bot army to flood specific target: (DDoS) 20,000 bots can generate 2Gb/sec of SYNs (2003) At web site: Saturates network uplink or network router Random source IP attack SYNs look the same as real SYNs What to do???
12 Prolexic/CloudFlare Idea: only forward established TCP connections to site
13 DNS DoS Attacks DNS runs on UDP port 53 DNS entry for victim.com hosted at victim_isp.com DDoS attack flood victim_isp.com with requests for victim.com Random source IP address in UDP packets Consequences Takes out entire DNS server What to do???
14 DNS DoS Solutions DoS resistant DNS design: (e.g. CloudFlare) With CloudFlare s authoritative DNS (serving 43 billion DNS queries per day): Built-in security including rate limiting, filtering, and blocking. (against DDoS web attacks) Global coverage Powerful functionality
15 DNS DoS solutions DoS resistant DNS design: CoDoNS: [Sirer 04] Cooperative Domain Name System P2P design for DNS system: DNS nodes share the load Simple update of DNS entries Backwards compatible with existing DNS
16 DoS via route hijacking YouTube is /22 (includes 2 10 IP addr) youtube.com is , Feb. 2008: Pakistan telecom advertised a BGP path for /24 (includes 2 8 IP addr) Routing decisions use most specific prefix The entire Internet now thinks is in Pakistan Outage resolved within two hours but demonstrates huge DoS vuln. with no solution!
17 DoS at higher layers SSL/TLS handshake [SD 03] RSA-encrypt speed 10 RSA-decrypt speed Single machine can bring down ten web servers RSA Encrypt RSA Decrypt
18 DoS Mitigation (1) CAPTCHA: Completely Automated Public Turing test to tell Computers and Humans Apart Idea: verify that connection is from a human CAPTCHAs are often used to stop bots and other automated programs from using blogs Applies to application layer DDoS [Killbots 05] During attack: generate CAPTCHAs and process request only if valid solution Present one CAPTCHA per source IP address.
19 DoS Mitigation (2) Source identification Goal: identify packet source Ultimate goal: block attack at the source (a) Ingress filtering Big problem: DDoS with spoofed source IPs Ingress filtering policy: ISP only forwards packets with legitimate source IP
20 DoS Mitigation (2) Source identification (b) Traceback Goal: Given set of attack packets Determine path to source How: change routers to record info in packets Assumptions: Most routers remain uncompromised Attacker sends many packets Route from attacker to victim remains relatively stable
21 DoS Mitigation (2) Source identification (b) Traceback Simple method Write path into network packet Each router adds its own IP address to packet Victim reads path from packet Problem: Requires space in packet Path can be long No extra fields in current IP format Changes to packet format too much to expect
22 (2) Source identification (b) Traceback Better idea DoS Mitigation DDoS involves many packets on same path Store one link in each packet Attackers Each router probabilistically stores own address Fixed space regardless of path length Routers Victim
23 Mobile Platform Security Models
24 Mobile Phone Market Share
25
26 Mobile Operating Systems Mobile OS Vulnerabilities Source: IBM X-Force, Mar 2011
27 Two Attack Vectors Web browser Installed applications Both increasing in prevalence and sophistication
28 Mobile Malware Attacks Unique to phones: Identify location Record phone calls Log SMS Similar to desktop/pcs: Connects to botmasters Steal data Phishing Malvertising
29 Comparison between Mobile Platforms Operating system Unix Windows Approval process for applications Market: Vendor controlled/open App signing: Vendor-issued/self-signed User approval of permission Programming language for applications Managed execution: Java,.Net Native execution: Objective C
30 Comparison between Mobile Platforms ios Android Windows Unix x x Windows x Open market x Closed market x x Vendor signed x Self-signed x x User approval of permissions x 7-> 8 Managed code x x Native code x
31 Apple ios From: ios App Programming Guide
32 Apple ios Security Device security Prevent unauthorized use of the device Strong passcodes Passcode expiration Data security Protect data at rest; device may be lost or stolen Hardware encryption Network security Networking protocols and encryption of data in transmission App security Secure platform foundation Runtime protection App sandbox prevents access to other app s data
33 ios Sandbox Limit app s access to files, preferences, network, other resources Each app has own sandbox directory Limits consequences of attacks Same privileges for each app
34 Android Platform outline: Linux kernel, browser, SQL-lite database Software for secure network communication Open SSL, Bouncy Castle crypto API and Java library C language infrastructure Java platform for running applications Also: video stuff, Bluetooth, vibrate phone, etc.
35 Android Security Features Isolation Multi-user Linux operating system Each application normally runs as a different user Communication between applications May share same Linux user ID Access files from each other May share same Linux process and Dalvik VM Communicate through application framework Intents, based on Binder, discussed in a few slides Battery life Developers must conserve power Applications store state so they can be stopped (to save power) and restarted helps with DoS
36 Android Security Features Application sandbox Each application runs with its UID in its own virtual machine Provides CPU protection, memory protection Authenticated communication protection using Unix domain sockets Applications announces permission requirement Create a whitelist model user grants access But don t want to ask user often all questions asked as install time Inter-component communication reference monitor checks permissions
37 Comparison: ios vs Android App approval process Android apps from open app store ios vendor-controlled store of vetted apps Application permissions Android permission based on install-time manifest All ios apps have same set of sandbox privileges App programming language Android apps written in Java; no buffer overflow ios apps written in Objective-C
38 Windows Phone OS 7.0 security model Principles of isolation and least privilege Each chamber Provides a security and isolation boundary Is defined and implemented using a policy system The security policy of a chamber Specifies the OS capabilities that processes in that chamber can access
39 Windows Phone OS 8 security model Services and Application all in chambers WP8 has a richer capabilities list
40 Overview of Four Chambers Trusted Computing Base (TCB) chamber unrestricted access to most resources can modify policy and enforce the security model. kernel and kernel-mode drivers run in the TCB Minimizing the amount of software that runs in the TCB is essential for minimizing the Windows Phone 7, 8 attack surface
41 Overview of Four Chambers Elevated Rights Chamber (ERC) Can access all resources except security policy Intended for services and user-mode drivers Standard Rights Chamber (SRC) Default for pre-installed applications that do not provide device-wide services Outlook Mobile is an example that runs in the SRC Least Privileged Chamber (LPC) Default chamber for all non-microsoft applications LPCs configured using capabilities
Dan Boneh, John Mitchell, Dawn Song. Denial of Service
Dan Boneh, John Mitchell, Dawn Song Denial of Service What is network DoS? Goal: take out a large site with little computing work How: Amplification Small number of packets big effect Two types of amplification
More informationUnwanted Traffic: Denial of Service Attacks. Original slides by Dan Boneh and John Mitchell
Unwanted Traffic: Denial of Service Attacks Original slides by Dan Boneh and John Mitchell 1 What is network DoS? Goal: take out a large site with little computing work How: Amplification n Small number
More informationUnwanted Traffic: Denial of Service Attacks
CS 155 Unwanted Traffic: Denial of Service Attacks Dan Boneh Acknowledgments: Lecture slides are from the Computer Security course thought by Dan Boneh and John Mitchell at Stanford University. When slides
More informationUnwanted Traffic: Denial of Service Attacks
CS 155 Spring 2014 Unwanted Traffic: Denial of Service Attacks Dan Boneh 1 What is network DoS?! Goal: take out a large site with little computing work! How: Amplification n Small number of packets big
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 18: Network Attacks Department of Computer Science and Engineering University at Buffalo 1 Lecture Overview Network attacks denial-of-service (DoS) attacks SYN
More informationInternet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.
Internet Layers Application Application Transport Transport Network Network Network Network Link Link Link Link Ethernet Fiber Optics Physical Layer Wi-Fi ARP requests and responses IP: 192.168.1.1 MAC:
More informationLecture 6. Internet Security: How the Internet works and some basic vulnerabilities. Thursday 19/11/2015
Lecture 6 Internet Security: How the Internet works and some basic vulnerabilities Thursday 19/11/2015 Agenda Internet Infrastructure: Review Basic Security Problems Security Issues in Routing Internet
More informationChapter 7. Denial of Service Attacks
Chapter 7 Denial of Service Attacks DoS attack: An action that prevents or impairs the authorized use of networks, systems, or applications by exhausting resources such as central processing units (CPU),
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 8 Denial of Service First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Denial of Service denial of service (DoS) an action
More informationSecurity Philosophy. Humans have difficulty understanding risk
Android Security Security Philosophy Humans have difficulty understanding risk Safer to assume that Most developers do not understand security Most users do not understand security Security philosophy
More informationDenial of Service (DoS)
Flood Denial of Service (DoS) Comp Sci 3600 Security Outline Flood 1 2 3 4 5 Flood 6 7 8 Denial-of-Service (DoS) Attack Flood The NIST Computer Security Incident Handling Guide defines a DoS attack as:
More informationnetwork security s642 computer security adam everspaugh
network security s642 adam everspaugh ace@cs.wisc.edu computer security today Announcement: HW3 to be released WiFi IP, TCP DoS, DDoS, prevention 802.11 (wifi) STA = station AP = access point BSS = basic
More informationDenial of Service. EJ Jung 11/08/10
Denial of Service EJ Jung 11/08/10 Pop Quiz 3 Write one thing you learned from today s reading Write one thing you liked about today s reading Write one thing you disliked about today s reading Announcements
More informationCommunication Networks ( ) / Fall 2013 The Blavatnik School of Computer Science, Tel-Aviv University. Allon Wagner
Communication Networks (0368-3030) / Fall 2013 The Blavatnik School of Computer Science, Tel-Aviv University Allon Wagner Several slides adapted from a presentation made by Dan Touitou on behalf of Cisco.
More informationNT1210 Introduction to Networking. Unit 10
NT1210 Introduction to Networking Unit 10 Chapter 10, TCP/IP Transport Objectives Identify the major needs and stakeholders for computer networks and network applications. Compare and contrast the OSI
More informationCS Paul Krzyzanowski
The Internet Packet switching: store-and-forward routing across multiple physical networks... across multiple organizations Computer Security 11. Network Security ISP Paul Krzyzanowski Rutgers University
More informationCSC 4900 Computer Networks: TCP
CSC 4900 Computer Networks: TCP Professor Henry Carter Fall 2017 Project 2: mymusic You will be building an application that allows you to synchronize your music across machines. The details of which are
More informationNetwork Security (NetSec)
Chair of Network Architectures and Services Department of Informatics Technical University of Munich Network Security (NetSec) IN2101 WS 17/18 Prof. Dr.-Ing. Georg Carle Dr. Heiko Niedermayer Quirin Scheitle
More informationComputer Security. 11. Network Security. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 11. Network Security Paul Krzyzanowski Rutgers University Spring 2018 April 15, 2018 CS 419 2018 Paul Krzyzanowski 1 The Internet Packet switching: store-and-forward routing across multiple
More informationCOMPUTER NETWORK SECURITY
COMPUTER NETWORK SECURITY Prof. Dr. Hasan Hüseyin BALIK (7 th Week) 7. Denial-of-Service Attacks 7.Outline Denial of Service Attacks Flooding Attacks Distributed Denial of Service Attacks Application Based
More informationLayer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers
Layer 4: UDP, TCP, and others based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Concepts application set transport set High-level, "Application Set" protocols deal only with how handled
More informationNetwork Security: Network Flooding. Seungwon Shin GSIS, KAIST
Network Security: Network Flooding Seungwon Shin GSIS, KAIST Detecting Network Flooding Attacks SYN-cookies Proxy based CAPCHA Ingress/Egress filtering Some examples SYN-cookies Background In a TCP 3-way
More informationOutline. What is TCP protocol? How the TCP Protocol Works SYN Flooding Attack TCP Reset Attack TCP Session Hijacking Attack
Attacks on TCP Outline What is TCP protocol? How the TCP Protocol Works SYN Flooding Attack TCP Reset Attack TCP Session Hijacking Attack TCP Protocol Transmission Control Protocol (TCP) is a core protocol
More informationCSE 484 / CSE M 584: Computer Security and Privacy. Anonymity Mobile. Autumn Tadayoshi (Yoshi) Kohno
CSE 484 / CSE M 584: Computer Security and Privacy Anonymity Mobile Autumn 2018 Tadayoshi (Yoshi) Kohno yoshi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Ada Lerner, John Manferdelli,
More informationQUIZ: Longest Matching Prefix
QUIZ: Longest Matching Prefix A router has the following routing table: 10.50.42.0 /24 Send out on interface Z 10.50.20.0 /24 Send out on interface A 10.50.24.0 /22 Send out on interface B 10.50.20.0 /22
More informationELEC5616 COMPUTER & NETWORK SECURITY
ELEC5616 COMPUTER & NETWORK SECURITY Lecture 17: Network Protocols I IP The Internet Protocol (IP) is a stateless protocol that is used to send packets from one machine to another using 32- bit addresses
More informationInternet Infrastructure
Internet Infrastructure Internet Infrastructure Local and inter-domain routing TCP/IP for routing and messaging BGP for routing announcements Domain Name System Find IP address from symbolic name (www.cc.gatech.edu)
More informationFoundations of Network and Computer Security
Foundations of Network and Computer Security John Black Lecture #17 Oct 27 th 2005 CSCI 6268/TLEN 5831, Fall 2005 Backscatter Technique CAIDA (San Diego) owns large block of IP address space They have
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More informationClosed book. Closed notes. No electronic device.
414-S17 (Shankar) Exam 3 PRACTICE PROBLEMS Page 1/6 Closed book. Closed notes. No electronic device. 1. Anonymity Sender k-anonymity Receiver k-anonymity Authoritative nameserver Autonomous system BGP
More informationInternet Protocol and Transmission Control Protocol
Internet Protocol and Transmission Control Protocol CMSC 414 November 13, 2017 Internet Protcol Recall: 4-bit version 4-bit hdr len 8-bit type of service 16-bit total length (bytes) 8-bit TTL 16-bit identification
More informationOutline. TCP: Overview RFCs: 793, 1122, 1323, 2018, Development of reliable protocol Sliding window protocols
Outline Development of reliable protocol Sliding window protocols Go-Back-N, Selective Repeat Protocol performance Sockets, UDP, TCP, and IP UDP operation TCP operation connection management flow control
More informationOur Narrow Focus Computer Networking Security Vulnerabilities. Outline Part II
Our Narrow Focus 15-441 15-441 Computer Networking 15-641 Lecture 22 Security: DOS Peter Steenkiste Fall 2016 www.cs.cmu.edu/~prs/15-441-f16 Yes: Creating a secure channel for communication (Part I) Protecting
More informationECE 435 Network Engineering Lecture 10
ECE 435 Network Engineering Lecture 10 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 28 September 2017 Announcements HW#4 was due HW#5 will be posted. midterm/fall break You
More informationOutline. TCP: Overview RFCs: 793, 1122, 1323, 2018, steam: r Development of reliable protocol r Sliding window protocols
Outline r Development of reliable protocol r Sliding window protocols m Go-Back-N, Selective Repeat r Protocol performance r Sockets, UDP, TCP, and IP r UDP operation r TCP operation m connection management
More informationIntroduction to Network. Topics
Introduction to Network Security Chapter 7 Transport Layer Protocols 1 TCP Layer Topics Responsible for reliable end-to-end transfer of application data. TCP vulnerabilities UDP UDP vulnerabilities DNS
More informationLecture 11. Transport Layer (cont d) Transport Layer 1
Lecture 11 Transport Layer (cont d) Transport Layer 1 Agenda The Transport Layer (continue) Connection-oriented Transport (TCP) Flow Control Connection Management Congestion Control Introduction to the
More informationInternet Security: How the Internet works and some basic vulnerabilities
CS 155 Internet Security: How the Internet works and some basic vulnerabilities Dan Boneh Acknowledgments: Lecture slides are from the Computer Security course taught by Dan Boneh and John Mitchell at
More informationCSE Computer Security (Fall 2006)
CSE 543 - Computer Security (Fall 2006) Lecture 18 - Network Security November 7, 2006 URL: http://www.cse.psu.edu/~tjaeger/cse543-f06/ 1 Denial of Service Intentional prevention of access to valued resource
More informationDenial of Service and Distributed Denial of Service Attacks
Denial of Service and Distributed Denial of Service Attacks Objectives: 1. To understand denial of service and distributed denial of service. 2. To take a glance about DoS techniques. Distributed denial
More informationCS670: Network security
Cristina Nita-Rotaru CS670: Network security ARP, TCP 1: Background on network protocols OSI/ISO Model Application Presentation Session Transport Network Data Link Physical Layer Application Presentation
More informationDENIAL OF SERVICE ATTACKS
DENIAL OF SERVICE ATTACKS Ezell Frazier EIS 4316 November 6, 2016 Contents 7.1 Denial of Service... 2 7.2 Targets of DoS attacks... 2 7.3 Purpose of flood attacks... 2 7.4 Packets used during flood attacks...
More informationDifferent Layers Lecture 21
Different Layers Lecture 21 10/17/2003 Jian Ren 1 The Transport Layer 10/17/2003 Jian Ren 2 Transport Services and Protocols Provide logical communication between app processes running on different hosts
More informationLecture 20 Overview. Last Lecture. This Lecture. Next Lecture. Transport Control Protocol (1) Transport Control Protocol (2) Source: chapters 23, 24
Lecture 20 Overview Last Lecture Transport Control Protocol (1) This Lecture Transport Control Protocol (2) Source: chapters 23, 24 Next Lecture Internet Applications Source: chapter 26 COSC244 & TELE202
More informationDefeating All Man-in-the-Middle Attacks
Defeating All Man-in-the-Middle Attacks PrecisionAccess Vidder, Inc. Defeating All Man-in-the-Middle Attacks 1 Executive Summary The man-in-the-middle attack is a widely used and highly preferred type
More informationNetwork Security. Evil ICMP, Careless TCP & Boring Security Analyses. Mohamed Sabt Univ Rennes, CNRS, IRISA Thursday, October 4th, 2018
Network Security Evil ICMP, Careless TCP & Boring Security Analyses Mohamed Sabt Univ Rennes, CNRS, IRISA Thursday, October 4th, 2018 Part I Internet Control Message Protocol (ICMP) Why ICMP No method
More informationPage 1. Goals for Today" Discussion" Example: Reliable File Transfer" CS162 Operating Systems and Systems Programming Lecture 11
Goals for Today" CS162 Operating Systems and Systems Programming Lecture 11 Reliability, Transport Protocols" Finish e2e argument & fate sharing Transport: TCP/UDP Reliability Flow control October 5, 2011
More informationEE 122: Network Security
Motivation EE 122: Network Security Kevin Lai December 2, 2002 Internet currently used for important services - financial transactions, medical records Could be used in the future for critical services
More information20: Networking (2) TCP Socket Buffers. Mark Handley. TCP Acks. TCP Data. Application. Application. Kernel. Kernel. Socket buffer.
20: Networking (2) Mark Handley TCP Socket Buffers Application Application Kernel write Kernel read Socket buffer Socket buffer DMA DMA NIC TCP Acks NIC TCP Data 1 TCP Socket Buffers Send-side Socket Buffer
More informationEndpoint Security - what-if analysis 1
Endpoint Security - what-if analysis 1 07/23/2017 Threat Model Threats Threat Source Risk Status Date Created File Manipulation File System Medium Accessing, Modifying or Executing Executable Files File
More informationImma Chargin Mah Lazer
Imma Chargin Mah Lazer How to protect against (D)DoS attacks Oliver Matula omatula@ernw.de #2 Denial of Service (DoS) Outline Why is (D)DoS protection important? Infamous attacks of the past What types
More informationCSE/EE 461 Lecture 13 Connections and Fragmentation. TCP Connection Management
CSE/EE 461 Lecture 13 Connections and Fragmentation Tom Anderson tom@cs.washington.edu Peterson, Chapter 5.2 TCP Connection Management Setup assymetric 3-way handshake Transfer sliding window; data and
More informationFirewalls and NAT. Firewalls. firewall isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others.
Firews and NAT 1 Firews By conventional definition, a firew is a partition made of fireproof material designed to prevent the spread of fire from one part of a building to another. firew isolates organization
More informationINFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD
Faculty of Computer Science Institute of Systems Architecture, Operating Systems Group INFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD OVERVIEW Fundamental
More informationCS 155 Final Exam. CS 155: Spring 2012 June 11, 2012
CS 155: Spring 2012 June 11, 2012 CS 155 Final Exam This exam is open books and open notes. You may use course notes and documents that you have stored on a laptop, but you may NOT use the network connection
More informationLecture 3 MOBILE PLATFORM SECURITY
Lecture 3 MOBILE PLATFORM SECURITY You will be learning: What techniques are used in mobile software platform security? What techniques are used in mobile hardware platform security? Is there a common
More informationTerra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklin s 712 lecture, Fall 2006)
Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklin s 712 lecture, Fall 2006) Trusted Computing Hardware What can you do if you have
More informationTOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS
TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS 1 Introduction Your data and infrastructure are at the heart of your business. Your employees, business partners, and
More informationUnix Network Programming
Unix Network Programming Remote Communication Dr Hamed Vahdat-Nejad Network Applications Types: Client Server Exampels: A web browser (client) Ap communicating with a Web server An FTP client Fetching
More informationChapter 6 Transport Layer
Chapter 6 Transport Layer A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and delete
More informationConfiguring Flood Protection
Configuring Flood Protection NOTE: Control Plane flood protection is located on the Firewall Settings > Advanced Settings page. TIP: You must click Accept to activate any settings you select. The Firewall
More informationComputer and Network Security
CIS 551 / TCOM 401 Computer and Network Security Spring 2009 Lecture 8 Announcements Plan for Today: Networks: TCP Firewalls Midterm 1: One week from Today! 2/17/2009 In class, short answer, multiple choice,
More informationERT Threat Alert New Risks Revealed by Mirai Botnet November 2, 2016
Abstract The Mirai botnet struck the security industry in three massive attacks that shook traditional DDoS protection paradigms, proving that the Internet of Things (IoT) threat is real and the grounds
More informationDifferent Layers Lecture 20
Different Layers Lecture 20 10/15/2003 Jian Ren 1 The Network Layer 10/15/2003 Jian Ren 2 Network Layer Functions Transport packet from sending to receiving hosts Network layer protocols in every host,
More informationTransport protocols. Transport Layer 3-1
Transport protocols 1 Transport services and protocols provide logical communication between app processes running on different hosts application transport network data link physical transport protocols
More informationNETWORK SECURITY. Ch. 3: Network Attacks
NETWORK SECURITY Ch. 3: Network Attacks Contents 3.1 Network Vulnerabilities 3.1.1 Media-Based 3.1.2 Network Device 3.2 Categories of Attacks 3.3 Methods of Network Attacks 03 NETWORK ATTACKS 2 3.1 Network
More informationTransport Layer (TCP/UDP)
Transport Layer (TCP/UDP) Where we are in the Course Moving on up to the Transport Layer! Application Transport Network Link Physical CSE 461 University of Washington 2 Recall Transport layer provides
More informationNetwork Security. Tadayoshi Kohno
CSE 484 (Winter 2011) Network Security Tadayoshi Kohno Thanks to Dan Boneh, Dieter Gollmann, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee, and many others for sample slides and materials...
More informationThreat Modeling. Bart De Win Secure Application Development Course, Credits to
Threat Modeling Bart De Win bart.dewin@ascure.com Secure Application Development Course, 2009 Credits to Frank Piessens (KUL) for the slides 2 1 Overview Introduction Key Concepts Threats, Vulnerabilities,
More informationCS244a: An Introduction to Computer Networks
CS244a: An Introduction to Computer Networks Security Winter 2008 CS244a 1 Announcements (?) Winter 2008 CS244a 2 1 Life Just Before Slammer Winter 2008 CS244a 3 Life Just After Slammer Winter 2008 CS244a
More information«On the Internet, nobody knows you are a dog» Twenty years later
«On the Internet, nobody knows you are a dog» Twenty years later This lecture is about identity and authenticity, but also other security properties. It is largely about the Internet, but some of this
More informationYour projected and optimistically projected grades should be in the grade center soon o Projected: Your current weighted score /30 * 100
You should worry if you are below this point Your projected and optimistically projected grades should be in the grade center soon o Projected: Your current weighted score /0 * 100 o Optimistic: (Your
More informationSingle Network: applications, client and server hosts, switches, access links, trunk links, frames, path. Review of TCP/IP Internetworking
1 Review of TCP/IP working Single Network: applications, client and server hosts, switches, access links, trunk links, frames, path Frame Path Chapter 3 Client Host Trunk Link Server Host Panko, Corporate
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Network Attacks Denial of service Attacks
Security+ Guide to Network Security Fundamentals, Fourth Edition Network Attacks Denial of service Attacks Introduction: What is DoS? DoS attack is an attempt (malicious or selfish) by an attacker to cause
More informationTransport Layer. The transport layer is responsible for the delivery of a message from one process to another. RSManiaol
Transport Layer Transport Layer The transport layer is responsible for the delivery of a message from one process to another Types of Data Deliveries Client/Server Paradigm An application program on the
More informationChair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 8
Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 8 System Vulnerabilities and Denial of Service Attacks System Vulnerabilities and
More informationUDP, TCP, IP multicast
UDP, TCP, IP multicast Dan Williams In this lecture UDP (user datagram protocol) Unreliable, packet-based TCP (transmission control protocol) Reliable, connection oriented, stream-based IP multicast Process-to-Process
More informationECE 650 Systems Programming & Engineering. Spring 2018
ECE 650 Systems Programming & Engineering Spring 2018 Networking Transport Layer Tyler Bletsch Duke University Slides are adapted from Brian Rogers (Duke) TCP/IP Model 2 Transport Layer Problem solved:
More informationRouting Security DDoS and Route Hijacks. Merike Kaeo CEO, Double Shot Security
Routing Security DDoS and Route Hijacks Merike Kaeo CEO, Double Shot Security merike@doubleshotsecurity.com DISCUSSION POINTS Understanding The Growing Complexity DDoS Attack Trends Packet Filters and
More informationUser Datagram Protocol
Topics Transport Layer TCP s three-way handshake TCP s connection termination sequence TCP s TIME_WAIT state TCP and UDP buffering by the socket layer 2 Introduction UDP is a simple, unreliable datagram
More informationDDoS and Traceback 1
DDoS and Traceback 1 Denial-of-Service (DoS) Attacks (via Resource/bandwidth consumption) malicious server legitimate Tecniche di Sicurezza dei Sistemi 2 TCP Handshake client SYN seq=x server SYN seq=y,
More informationCSE Computer Security
CSE 543 - Computer Security Lecture 22 - Denial of Service November 15, 2007 URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/ 1 Denial of Service Intentional prevention of access to valued resource CPU,
More informationCSc 466/566. Computer Security. 18 : Network Security Introduction
1/81 CSc 466/566 Computer Security 18 : Network Security Introduction Version: 2012/05/03 13:57:28 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian Collberg
More informationSSL/TLS. How to send your credit card number securely over the internet
SSL/TLS How to send your credit card number securely over the internet The security provided by SSL SSL is implemented at level 4 The transport control layer In practice, SSL uses TCP sockets The underlying
More informationComputer Security Exam 3 Review. Paul Krzyzanowski. Rutgers University. Spring 2017
Computer Security 2017 Exam 3 Review Paul Krzyzanowski Rutgers University Spring 2017 April 18, 2018 CS 419 2017 Paul Krzyzanowski 1 Exam 3: Grade vs. Completion Time 5 Question 1 A high False Reject Rate
More informationAnnouncements. No book chapter for this topic! Slides are posted online as usual Homework: Will be posted online Due 12/6
Announcements No book chapter for this topic! Slides are posted online as usual Homework: Will be posted online Due 12/6 Copyright c 2002 2017 UMaine Computer Science Department 1 / 33 1 COS 140: Foundations
More informationCSCI-GA Operating Systems. Networking. Hubertus Franke
CSCI-GA.2250-001 Operating Systems Networking Hubertus Franke frankeh@cs.nyu.edu Source: Ganesh Sittampalam NYU TCP/IP protocol family IP : Internet Protocol UDP : User Datagram Protocol RTP, traceroute
More informationNetwork and Internet Vulnerabilities
Network and Internet Vulnerabilities Computer Security Lecture 10 Mike Just 1 School of Informatics University of Edinburgh 15th February 2010 1 Based on original lecture notes by David Aspinall Internet
More informationChapter 3 Transport Layer
Chapter 3 Transport Layer A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and delete
More informationCIS 5373 Systems Security
CIS 5373 Systems Security Topic 4.1: Network Security Basics Endadul Hoque Slide Acknowledgment Contents are based on slides from Cristina Nita-Rotaru (Northeastern) 2 Network Security INTRODUCTION 3 What
More informationThe Internet is not always a friendly place In fact, hosts on the Internet are under constant attack How to deal with this is a large topic
CSE 123 Computer Networking Fall 2009 Network security NAT, Firewalls, DDoS Geoff Voelker Network security The Internet is not always a friendly place In fact, hosts on the Internet are under constant
More informationARP, IP, TCP, UDP. CS 166: Introduction to Computer Systems Security 4/7/18 ARP, IP, TCP, UDP 1
ARP, IP, TCP, UDP CS 166: Introduction to Computer Systems Security 4/7/18 ARP, IP, TCP, UDP 1 IP and MAC Addresses Devices on a local area network have IP addresses (network layer) MAC addresses (data
More informationCapability Analysis of Internet of Things (IoT) Devices in Botnets & Implications for Cyber Security Risk Assessment Processes (Part One)
Capability Analysis of Internet of Things (IoT) Devices in Botnets & Implications for Cyber Security Risk Assessment Processes (Part One) Presented by: Andrew Schmitt Theresa Chasar Mangaya Sivagnanam
More informationAndroid System Architecture. Android Application Fundamentals. Applications in Android. Apps in the Android OS. Program Model 8/31/2015
Android System Architecture Android Application Fundamentals Applications in Android All source code, resources, and data are compiled into a single archive file. The file uses the.apk suffix and is used
More informationIPV6 SIMPLE SECURITY CAPABILITIES.
IPV6 SIMPLE SECURITY CAPABILITIES. 50 issues from RFC 6092 edited by J. Woodyatt, Apple Presentation by Olle E. Johansson, Edvina AB. ABSTRACT The RFC which this presentation is based upon is focused on
More informationCloudflare Advanced DDoS Protection
Cloudflare Advanced DDoS Protection Denial-of-service (DoS) attacks are on the rise and have evolved into complex and overwhelming security challenges. 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.com
More informationConnections. Topics. Focus. Presentation Session. Application. Data Link. Transport. Physical. Network
Connections Focus How do we connect processes? This is the transport layer Topics Naming processes Connection setup / teardown Flow control Application Presentation Session Transport Network Data Link
More informationLecture 12. Application Layer. Application Layer 1
Lecture 12 Application Layer Application Layer 1 Agenda The Application Layer (continue) Web and HTTP HTTP Cookies Web Caches Simple Introduction to Network Security Various actions by network attackers
More informationLecture 08: The Transport Layer (Part 2) The Transport Layer Protocol (TCP) Dr. Anis Koubaa
NET 331 Computer Networks Lecture 08: The Transport Layer (Part 2) The Transport Layer Protocol (TCP) Dr. Anis Koubaa Reformatted slides from textbook Computer Networking a top-down appraoch, Fifth Edition
More informationCISNTWK-440. Chapter 4 Network Vulnerabilities and Attacks
CISNTWK-440 Intro to Network Security Chapter 4 Network Vulnerabilities and Attacks Objectives Explain the types of network vulnerabilities List categories of network attacks Define different methods of
More information