Computer and Network Security

Similar documents
CIS 551 / TCOM 401 Computer and Network Security. Spring 2007 Lecture 7

Links. CS125 - mylinks 1 1/22/14

Housekeeping. Fall /5 CptS/EE 555 1

Data Link Networks. Hardware Building Blocks. Nodes & Links. CS565 Data Link Networks 1

Links Reading: Chapter 2. Goals of Todayʼs Lecture. Message, Segment, Packet, and Frame

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition

ECE 4450:427/527 - Computer Networks Spring 2017

CIS 551 / TCOM 401 Computer and Network Security. Spring 2007 Lecture 8

CSMC 417. Computer Networks Prof. Ashok K Agrawala Ashok Agrawala Set 4. September 09 CMSC417 Set 4 1

Ethernet. Lecture 6. Outline. Ethernet - Physical Properties. Ethernet - Physical Properties. Ethernet

The Link Layer and LANs. Chapter 6: Link layer and LANs

Link layer, LANs: outline. Chapter 5-1 Link Layer. Link layer: introduction. Link layer services

Lecture 6. Reminder: Homework 2, Programming Project 2 due on Thursday. Questions? Tuesday, September 13 CS 475 Networks - Lecture 6 1

CSCI-1680 Link Layer I Rodrigo Fonseca

Reliable Transmission

PART III. Data Link Layer MGH T MGH C I 204

Getting Connected (Chapter 2 Part 4) Networking CS 3470, Section 1 Sarah Diesburg

Lecture 6 The Data Link Layer. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it

Medium Access Control

Direct Link Networks (II)

Data Link Layer Overview

CS 640 Introduction to Computer Networks. Role of data link layer. Today s lecture. Lecture16

Introduction to Computer Networks. 03 Data Link Layer Introduction

High Level View. EE 122: Ethernet and Random Access protocols. Medium Access Protocols

Computer Networks Medium Access Control. Mostafa Salehi Fall 2008

Data Link Layer, Part 3 Medium Access Control. Preface

Islamic University of Gaza Faculty of Engineering Department of Computer Engineering ECOM 4021: Networks Discussion. Chapter 2.

CSE 461: Framing, Error Detection and Correction

Link Layer and LANs 안상현서울시립대학교컴퓨터 통계학과.

Data Link Layer Overview

Contention Protocols and Networks

Data Link Layer Overview

EE 122: Ethernet and

Reminder: Datalink Functions Computer Networking. Datalink Architectures

CS 455/555 Intro to Networks and Communications. Link Layer

Point-to-Point Links. Outline Encoding Framing Error Detection Sliding Window Algorithm. Fall 2004 CS 691 1

CS 4453 Computer Networks Winter

CSE 123A Computer Networks

Link Layer and LANs. Our Goals. Link Layer

Data Link Layer Overview

CSCI-1680 Link Layer Wrap-Up Rodrigo Fonseca

CS 640 Lecture 4: 09/11/2014

Data Link Layer, Part 5. Medium Access Control

Chapter 5 Link Layer and LANs

Chapter 5 Link Layer and LANs

Some portions courtesy Robin Kravets and Steve Lumetta

The random access methods we study in this chapter have evolved from a very interesting protocol known as ALOHA, which used a very simple procedure

Summary of MAC protocols

Message, Segment, Packet, and Frame Link-layer services Encoding, framing, error detection, transmission control Error correction and flow control

Module 10 Data Link Layer CS655! 10-1!

Computer Networks. Medium Access Sublayer (Part I)

CSCI-1680 Link Layer Wrap-Up Rodrigo Fonseca

COMPUTER NETWORKS UNIT I. 1. What are the three criteria necessary for an effective and efficient networks?

Medium Access Control Sublayer

Link Layer and Ethernet

Link Layer and Ethernet

Local Area Networks. Aloha Slotted Aloha CSMA (non-persistent, 1-persistent, p-persistent) CSMA/CD Ethernet Token Ring

CompSci 356: Computer Network Architectures. Lecture 4: Link layer: Encoding, Framing, and Error Detection Ref. Chap 2.2, 2.3,2.4

Networking Link Layer

Chapter 5 Data-Link Layer: Wired Networks

CSMC 417. Computer Networks Prof. Ashok K Agrawala Ashok Agrawala. Nov 1,

Lecture 4b. Local Area Networks and Bridges

ก ก Information Technology II

CSC 401 Data and Computer Communications Networks

Goals of Today s Lecture. Adaptors Communicating

CSCI-1680 Link Layer Wrap-Up Rodrigo Fonseca

From Signals to Packets Computer Networking. Link Layer: Implementation. Datalink Functions. Lecture 5 - Coding and Error Control

Computer Network. Direct Link Networks Reliable Transmission. rev /2/2004 1

Data Link Protocols. High Level Data. Control Protocol. HDLC Framing ~~~~~~~~ Functions of a Data Link Protocol. Framing PDUs. Addressing Destination

CS254 Network Technologies. Lecture 2: Network Models & Error Detection and Correction. Dr Nikos Antonopoulos

Advanced Computer Networks. Rab Nawaz Jadoon DCS. Assistant Professor COMSATS University, Lahore Pakistan. Department of Computer Science

CSE 461: Multiple Access Networks. This Lecture

Links. Error Detection. Link Layer. Multiple access protocols. Nodes Links Frame. Shared channel Problem: collisions How nodes share a channel

Lecture 8 The Data Link Layer part I. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it

Medium Access Protocols

The MAC Address Format

CSCI-1680 Link Layer Wrap-Up Rodrigo Fonseca

Data and Computer Communications. Chapter 11 Local Area Network

transferring datagram from one node data-link layer has responsibility of to adjacent node over a link 5-1 TDTS06 Computer networks

SRI RAMAKRISHNA INSTITUTE OF TECHNOLOGY DEPARTMENT OF INFORMATION TECHNOLOGY COMPUTER NETWORKS UNIT - II DATA LINK LAYER

Lecture 6: Reliable Transmission. CSE 123: Computer Networks Alex Snoeren (guest lecture) Alex Sn

Introductory to Computer Networks Local Area Networks. Lecture 16 Fall Isfahan University of technology Dr.

Lecture 5: Data Link Layer Basics

ISO/OSI Reference Model. Data Link Layer. 7. Application. 6. Presentation. 5. Session. 4. Transport. 3. Network. 2. Data Link. 1.

COMP476 Networked Computer Systems. Polling. Sharing the Wire. LAN Technologies. COMP476 Networked Computer Systems 1

Medium Access Control

EECS 122, Lecture 7. Kevin Fall Jean Walrand

Lecture Outline. Lecture 2. OSI model and networking. The OSI model and networking. The OSI model and networking. The OSI model and networking

CSCI-1680 Link Layer Reliability Rodrigo Fonseca

CCNA Exploration1 Chapter 7: OSI Data Link Layer

Department of Computer and IT Engineering University of Kurdistan. Data Communication Netwotks (Graduate level) Data Link Layer

Communication (III) Kai Huang

Lecture 9: Bridging. CSE 123: Computer Networks Alex C. Snoeren

Raj Jain. The Ohio State University Columbus, OH

Goals. Fundamentals of Network Media. More topics. Topics. Multiple access communication. Multiple access solutions

LAN PROTOCOLS. Beulah A AP/CSE

CS 716: Introduction to communication networks. - 9 th class; 19 th Aug Instructor: Sridhar Iyer IIT Bombay

ECE 4450:427/527 - Computer Networks Spring 2017

Multiple Access Channels

CSC 4900 Computer Networks: The Link Layer

Transcription:

CIS 551 / TCOM 401 Computer and Network Security Spring 2009 Lecture 6

Announcements First project: Due: 6 Feb. 2009 at 11:59 p.m. http://www.cis.upenn.edu/~cis551/project1.html Plan for Today: Networks: Lower layers 2/3/09 CIS/TCOM 551 2

Open Systems Interconnection (OSI) End Host Application Presentation Session Transport Network Data Link Physical Reference model not actual implementation. Transmits messages (e.g. FTP or HTTP) Data format issues (e.g. big- vs. little-endian) Manages multiple streams of data Process to process protocols Routes packets among nodes in network Packages bit streams into frames Transmits raw bits over link 2/3/09 CIS/TCOM 551 3

Signaling Components Host Network Adapter Signaling Components signal Network Adapter Host Network adapters encode streams of bits into signals. Simplification: Assume two discrete signals high and low. Practice: Two different voltages on copper link or different brightness of light on fiber link. (leads to some interesting encoding issues) 2/3/09 CIS/TCOM 551 4

Not in this course Bits 0 0 1 0 1 1 1 1 0 1 0 0 0 0 1 0 E = ε 0 ρ E = B t B = 0 NRZ Clock Manchester NRZI B = µ 0 J + µ 0 ε 0 E t 2/3/09 CIS/TCOM 551 5

Open Systems Interconnection (OSI) End Host Application Presentation Session Transport Network Data Link Physical Reference model not actual implementation. Transmits messages (e.g. FTP or HTTP) Data format issues (e.g. big- vs. little-endian) Manages multiple streams of data Process to process protocols Routes packets among nodes in network Packages bit streams into frames Transmits raw bits over link 2/3/09 CIS/TCOM 551 6

Framing Need a way to send blocks of data. How does the network adapter detect when the sequence begins and ends? Are there transmission errors in the data? Frames are link layer unit of data transmission Byte oriented vs. Bit oriented Point-to-point (e.g. PPP) vs. Multiple access (Ethernet) 2/3/09 CIS/TCOM 551 7

A Multi-access, Bit-oriented Protocol Frames contain sequences of bits Could be ASCII Could be pixels from an image Frames read by many nodes Address distinguishes intended recipient HDLC (High-level Data Link Control) Begin and ending = 01111110 Uses bit stuffing: suffix five 1 s with a 0 8 16 16 8 Begin Header Body CRC Ending HDLC frame format 2/3/09 CIS/TCOM 551 8

Problem: Error Detection & Correction Bit errors may be introduced into frames Electrical interference Thermal noise Could flip one bit or a few bits independently Could zero-out or flip a sequence of bits (burst error) How do you detect an error? What do you do once you find one? 2/3/09 CIS/TCOM 551 9

Error Detection General principal: Introduce redundancy Trivial example: send two copies High overheads: 2n bits to send n Won t detect errors that corrupt same bits in both copies How can we do better? Minimize overhead Detect many errors General subject: error detecting codes 2/3/09 CIS/TCOM 551 10

Simple Error Detection Schemes Parity 7 bits of data 8 th bit is sum of first seven bits mod 2 Overhead: 8n bits to send 7n Detects: any odd number of bit errors Internet Checksum algorithm Add up the words of the message, transmit sum 16 bit ones-complement addition Overhead: 16 bits to send n Does not detect all two bit errors 2/3/09 CIS/TCOM 551 11

Cyclic Redundancy Check Reading: Wikipedia entry on CRC Used in link-level protocols CRC-32 used by Ethernet, 802.5, PKzip, CRC-CCITT used by HDLC CRC-8, CRC-10, CRC-32 used by ATM Better than parity or checksum (e.g. 32 bits to send 12000) Simple to implement 2/3/09 CIS/TCOM 551 12

Cyclic Redundancy Check (CRC) Consider (n+1)-bit message as a n-degree polynomial Polynomial arithmetic modulo 2 Bit values of message are coefficients Message = 10011010 Polynomial M(z) = (1 z 7 ) + (0 z 6 ) + (0 z 5 ) + (1 z 4 ) + (1 z 3 ) + (0 z 2 ) + (1 z 1 ) + (0 z 0 ) = z 7 + z 4 + z 3 + z 1 2/3/09 CIS/TCOM 551 13

Cyclic Redundancy Check Sender and receiver agree on a divisor polynomial C(z) of degree k Example k = 3 C(z) = z 3 + z 2 + 1 Coefficients are 1101 Error correction bits are remainder of (M(z) z k ) divided by C(z) This yields a n+k bit transmission polynomial P(z) that is exactly divisible by C(z) 2/3/09 CIS/TCOM 551 14

Example CRC Calculation 11 111001 1101 10011010 000 1101 Multiplication by z 3 1001 1101 1000 Original message: M(z) Divisor Polynomial: C(z) 101 Remainder 2/3/09 CIS/TCOM 551 15

Example CRC Calculation Z 3 Original Message M(z) = Transmitted message P(z) = 10011010 000 Remainder = + 101 10011010 101 Recipient checks that C(z) evenly divides the received message. 2/3/09 CIS/TCOM 551 16

CRC Error Detection Must choose a good divisor C(z) There are many standard choices: CRC-8, CRC-10, CRC-12, CRC-16, CRC-32 CRC-32: 0x04C11DB7 All 1-bit errors as long as z k and z 0 coefficients are 1 All 2-bit errors as long as C(z) has three terms Any odd number of errors if (z+1) divides C(z) Any burst errors of length k 2/3/09 CIS/TCOM 551 17

CRC Implementations Easy to implement in hardware Base 2 subtraction is XOR Simple k-bit shift register with XOR gates inserted before 1 s in C(z) polynomial Message is shifted in, registers fill with remainder Example C(z) = 1101 r 2 r 1 r 0 10011010 000 2/3/09 CIS/TCOM 551 18

Error Correction Codes Redundant information can be used to correct some errors Typically requires more redundancy Tradeoffs: Error detection requires retransmission Error correction sends more bits all the time Forward Error Correction is useful: When errors are likely (e.g. wireless network) When latency is too high for retransmission (e.g. satellite link) 2/3/09 CIS/TCOM 551 19

Open Systems Interconnection (OSI) End Host Application Presentation Session Transport Network Data Link Physical Reference model not actual implementation. Transmits messages (e.g. FTP or HTTP) Data format issues (e.g. big- vs. little-endian) Manages multiple streams of data Process to process protocols Routes packets among nodes in network Packages bit streams into frames Transmits raw bits over link 2/3/09 CIS/TCOM 551 20

IEEE 802 network standards The IEEE 802 committee produces standards & specifications for Local Area Networks (LAN): 802.3 CSMA/CD Networks (Ethernet) 802.4 Token Bus Networks 802.5 Token Ring Networks 802.6 Metropolitan Area Networks 802.11 Wireless LAN (Wifi) [Thursday] 2/3/09 CIS/TCOM 551 21

Ethernet (802.3) A standard for local area networks (LAN) Developed in mid-70 s at Xerox PARC Descendent of Aloha, a U. of Hawaii radio packet network DEC, Intel, and Xerox standard: 1978 for 10Mbps IEEE 802.3 standard grew out of that Physical implementations: 10Base5, 10BaseT, 100BaseT, 1000BaseT Speed: 10Mbps,100Mbps, 1000Mbps, 2/3/09 CIS/TCOM 551 22

Ethernet Physical links Originally used Thick-net 10Base5 10 = 10Mbps 5 = maximum of 500 meters segments Up to 4 repeaters between two hosts =2500m max More common: 10BaseT 10 = 10Mbps T = Twisted pair (typically Category 5), Maximum of 100 meter segments Connected via hubs (still 2500m max) Today s standards: 100BaseT, 1000BaseT 2/3/09 CIS/TCOM 551 23

Ethernet topologies 10Base5 topology Host Repeater 10BaseT topology Hub Hub 2/3/09 CIS/TCOM 551 24

How the ethernet works The Ethernet link is shared A signal transmitted by one host reaches all hosts Method of operation: CSMA/CD Carrier Sense, Multiple Access, with Collision Detection Hosts competing for the same link are said to be in the same collision domain Good news: easy to exchange data Bad news: have to regulate link access Procotol: Media Access Control (MAC) 2/3/09 CIS/TCOM 551 25

Ethernet Addresses Every adapter manufactured has a unique address 6 bytes (48 bits) usually written in Hex. Examples: 00-40-50-B1-39-69 and 8:0:2b:e4:b1:2 Each manufacturer is assigned 24bit prefix Manufacturer ensures unique suffixes 2/3/09 CIS/TCOM 551 26

Ethernet Frame Format 64 48 48 16 32 Preamble Dest Src Type Body CRC Preamble repeating pattern of 0 s & 1 s Used by receiver to synchronize on signal Dest and Src Ethernet Addresses Type demultiplexing key Identifies higher-level protocol Body payload Minimum 46 Bytes Maximum 1500 Bytes 2/3/09 CIS/TCOM 551 27

Addresses in an ethernet frame All bits = 1 indicates a broadcast address Sent to all adapters First bit = 0 indicates unicast address Sent to only one receiver First bit = 1 indicates multicast address Sent to a group of receivers 2/3/09 CIS/TCOM 551 28

An Ethernet Adapter Receives: Frames addressed to the broadcast address Frames addressed to its own address Frames sent to a multicast address If it has been programmed to listen to that address All frames If the adapter has been put into promiscuous mode 2/3/09 CIS/TCOM 551 29

Ethernet Transmitter Algorithm If the link is idle transmit the frame immediately Upper bound on frame size means adapter can t hog the link If the link is busy Wait for the line to go idle Wait for 9.6µs after end of last frame (sentinel) Transmit the frame Two (or more) frames may collide Simultaneously sent frames interfere 2/3/09 CIS/TCOM 551 30

Collision Detection When an adapter detects a collision Immediately sends 32 bit jamming signal Stops transmitting A 10MBps adapter may need to send 512 bits in order to detect a collision Why? 2500m + 4 repeaters gives RTT of 51.2µs 51.2µs at 10Mbps = 512 bits Fortunately, minimum frame (excluding preamble) is 512 bits = 64 bytes 46 bytes data + 14 bytes header + 4 bytes CRC 2/3/09 CIS/TCOM 551 31

Ethernet Collision (Worst Case) T=0 25.6µs 25.6µs 51.2µs 2/3/09 CIS/TCOM 551 32

Exponential Backoff After it detects 1 st collision Adapter waits either 0 or 51.2µs before retrying Selected randomly After 2 nd failed transmission attempt Adapter randomly waits 0, 51.2, 102.4, or 153.6µs After n th failed transmission attempt Pick k in 0 2 n -1 Wait k x 51.2µs Give up after 16 retries (but cap n at 10) 2/3/09 CIS/TCOM 551 33

Ethernet Security Issues Promiscuous mode Packet sniffer detects all Ethernet frames Less of a problem in switched Ethernet Why? 2/3/09 CIS/TCOM 551 34

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback