Upload File

persistent ospf attacks gabi nakibly, alex kirshon and dima gonikman, dan boneh 19th annual network...

  • Home
  • Documents
  • Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS
14
Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference ( NDSS 2012)

Upload: bruce-kennedy

Post on 03-Jan-2016

218 views

Category:

Documents


0 download

Report

Tags:

TRANSCRIPT

Page 1: Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS

Persistent OSPF Attacks

Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh

19th Annual Network & Distributed System Security Conference (NDSS 2012)

http://www.isoc.org/isoc/conferences/ndss/12/
Page 2: Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS

Outline

• Introduction (OSPF v2)

•OSPF Security Strengths

•Attack

• Impact and Analysis

•Mitigation Measures

Page 3: Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS

Introduction (OSPF v2)

•Most used protocol in Autonomous System

• Link State Routing Protocol

• LSA is flooded throughout the AS

•Designated Router

•Database Description (DBD) Messages

Page 4: Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS

Routing table

Page 5: Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS

Adjacency set up

Page 6: Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS

Security Strengths

•Per Link Authentication

•Flooding

•Fight Back

•LSA Content

Page 7: Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS

Remote False Adjacency Attack• To fool a remote router

•Persistent control over routing table

•Denial of Service -Link overload-Routing loops -Delivery Failure

• Eavesdropping

Page 8: Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS

Mechanism

Page 9: Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS
Page 10: Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS

Consequences

•Attack can be exploited to black hole traffic

•Black-holing most AS traffic with single phantom router

Page 11: Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS

Real World Impact

List of AS topologies used

AS number ISP name Number of Routers

1221 Telstra 115

3967 Exodus 80

6461 Abovenet 145

Page 12: Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS

Percentage of black-holed routers pairs when multiple phantom routers are used

1 2 3 40%

10%

20%

30%

40%

50%

60%

70%

80%

Telstra Exodus Abovenet

Page 13: Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS

Mitigation Measures

•Protocol Weakness•Same secret key•Master cannot see message content

•Anti source-IP spoofing

•Master must prove to slave that it has seen at least one message from slave

Page 14: Persistent OSPF Attacks Gabi Nakibly, Alex Kirshon and Dima Gonikman, Dan Boneh 19th Annual Network & Distributed System Security Conference (NDSS 2012)NDSS

THANKYOU

AND

ANYQuestions?


CloudLeak - NDSS Symposium

NDSS 2004Hu and Evans, UVa1 Using Directional Antennas to Prevent Wormhole Attacks Lingxuan Hu and David Evans [lingxuan, Department

Yan Shoshitaishvili Firmalice - NDSS Symposium...Prompt Authentication Success Failure Backdoor e.g. strcmp() Easier to find! Hard to find

A NEW MUSICAL BY AMELIA KIRSHON

Polypyus – The Firmware Historian - NDSS Symposium

Guide Me & Watch Me Succeed - NDSS

National Down Syndrome Society - NDSS · National Down Syndrome Society NDSS Community Support Programs NDSS is committed to providing the Down syndrome community with quality support

, Sujuan - NDSS Symposium

National Diabetes Services Scheme (NDSS) INSULIN · PDF fileNational Diabetes Services Scheme (NDSS) INSULIN PUMP CONSUMABLES ORDER FORM. NDSS IPC Order Form 115 Soft Release O (6mm,

Fookune ndss gsm (1)

NDSS Symposium

Ajith Suresh - NDSS Symposium

POWERSPY LOCATION TRACKING USING MOBILE DEVICE POWER ANALYSIS 1 Yan Michalevsky (1), Gabi Nakibly (2), Dan Boneh (1) and Aaron Schulman (1) (1) Stanford

Windows 2000 Security Architecture - NDSS Symposium

TCP Injection attacks in the wild - Black Hat INJECTION ATTACKS IN THE WILD A large-scale survey of false content injection by network operators (and others…) Gabi Nakibly 1,2, Jaime

1 Maximizing Restorable Throughput in MPLS Networks Reuven Cohen Dept. of Computer Science, Technion Gabi Nakibly National EW Research Center Published

Noam Segev, Israel Chernyak, Evgeny Reznikov Supervisor: Gabi Nakibly, Ph. D

Absorption NDSS

Finding Vulnerable Network Gadgets in the Internet Topology Author: Nir Amar Supervisor: Dr. Gabi Nakibly Author: Nir Amar Supervisor: Dr. Gabi Nakibly

Does Counting Still Count? - NDSS Symposium...NDSS 2013 Does Counting Still Count? Revisiting the Security of Counting based User Authentication Protocols against Statistical Attacks

Persistent OSPF Attacks Gabi Nakibly , Alex Kirshon and Dima Gonikman , Dan Boneh

BotSniffer Ndss Slides

NDSS Ambassador Sargent Shriver International Global ...€¦ · David Egan 1 NDSS Ambassador Sargent Shriver International Global Messenger. JP Kennedy Jr. Public Policy Fellow

Persistent OSPF Attacks - crypto.stanford.educrypto.stanford.edu/~dabo/pubs/papers/ospf.pdf · Persistent OSPF Attacks Gabi Nakibly National EW Research & Simulation Center Rafael

Dachshund - NDSS Symposium · Dachshund Digging for and Securing Against (Non-)Blinded Constants in JIT Code NDSS Symposium 2017 Giorgi Maisuradze, Michael Backes, Chris;an Rossow

NDSS 2007 Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel, Giovanni Vigna

Metamorph: Injecting Inaudible Commands ... - NDSS Symposium

By Alex Kirshon and Dima Gonikman Under the Guidance of Gabi Nakibly

EFFECTS OF COVID-19 ON KIRSH and SHIPPING HELMETS · 2020-05-19 · For Kirshon, the helmets made today just don’t cut it. He said they’re either too big or don’t offer enough

Understanding and Detecting International ... - NDSS Symposium

Michael Zohner (TU Darmstadt) - NDSS Symposium

Compliance Cautions - NDSS Symposium

KinWrite: Handwriting-Based Authentication Using Kinect Proceedings of the 20th Annual Network & Distributed System Security Symposium, NDSS 2013 Jing

Hyper-Cube - NDSS Symposium

PROJECT IN COMPUTER SECURITY - 236349 IS-IS ROUTING ATTACKS Supervisor Gabi Nakibly, Ph.D. Students Bar Weiner, Asaf Mor Spring 2012