SOS: Secure Overlay Services. A. Keromytis, V. Misra, and D. Rubenstein. Presented by Tsirbas Rafail.
The main components
• Target
• Legitimate user
• Attacker
The basic idea
• DoS attacks succeed because the target is easy to find
• SOS Idea: Create an overlay and send the traffic through it
The Goal
• Allow already approved users to communicate with a target
• Prevent attackers' packets from reaching the target
• The solution must be easy to distribute
1st Step - Filter
• Routers near target filter packets according to their IP address
– Legitimate users' IP addresses allowed through
– Illegitimate users' IP addresses aren't
Problems:
I) "good" and "bad" user share the same IP address
II) "bad" user knows "good" user's IP
III) "good" user changes IP frequently
[Diagram: Target, Filter]
2nd Step - Proxy
• Install Proxies outside the filter whose IP addresses are permitted through the filter
– Proxy only lets verified packets from legitimate sources through the filter
Problem:
I) Attacker pretends to be the proxy
II) Attacker attacks the proxy
[Diagram: Proxy, Target]
3rd Step – Secret Servlet
• Keep the identity of the proxy secret
– Name it Secret Servlet
– Secret Servlet is known only by the target, and a few other points in the network
4th Step – Overlays
• Send traffic to the secret servlet via a network overlay
– Nodes: Devices
– Paths: IP paths
Verification can be performed inside each node
[Diagram: Network overlay of nodes]
5th Step – SOAP
• Secure Overlay Access Points
– Receive unverified packets and verify (IPsec, TLS)
– Large number of SOAPs
– Distributed firewall
[Diagram: SOAPs in front of the overlay nodes]
Routing inside SOS
• Random route until secure servlet is reached (inefficient)
• Instead use Chord service (hash function)
• Reaches a unique node called beacon
• Secret servlet, target inform beacon
[Diagram: SOAPs, overlay nodes, beacon]
Overview of SOS
[Diagram: User, SOAPs, overlay nodes, beacons, Secure Servlets, Target]
Attacking SOS
• You cannot directly attack target
• Attack secret servlet
• Attack beacons
• Attack other overlay nodes
Attacking Analysis
Static Attack
• N # of nodes in the overlay
• SOAP = 10
• Beacon = 10
• Secure Servlet = 10
In order to have a successful DoS attack, almost all overlay nodes must be compromised!
Attacking Analysis
Static Attack
• Overlay Nodes
• Compromised Nodes
• Change the number of beacons/servlets
In order to have a successful DoS attack, the number of beacons must be quite small!
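The two static-attack slides above can be checked with a small resilience model. This is an added example, not code from the slides or from the SOS authors; it assumes N = 1000 overlay nodes, an attacker who hits nodes chosen uniformly at random, disjoint roles, and that a role (SOAP, beacon, servlet) is lost only when every node holding it is hit.

```python
from fractions import Fraction
from itertools import combinations
from math import comb


def p_all_hit(n_nodes, n_attacked, group_size):
    """P(every node of one fixed group is among the attacked nodes)."""
    if group_size > n_attacked:
        return Fraction(0)
    # Fix the group inside the attacked set, choose the rest freely.
    return Fraction(comb(n_nodes - group_size, n_attacked - group_size),
                    comb(n_nodes, n_attacked))


def p_dos(n_nodes, n_attacked, role_sizes):
    """P(at least one role is completely attacked), by inclusion-exclusion.

    Roles are assumed disjoint, so "roles in a subset are all lost" is the
    same event as "one group of sum(subset) nodes is all hit".
    """
    total = Fraction(0)
    for r in range(1, len(role_sizes) + 1):
        sign = 1 if r % 2 else -1
        for subset in combinations(role_sizes, r):
            total += sign * p_all_hit(n_nodes, n_attacked, sum(subset))
    return total


if __name__ == "__main__":
    N = 1000                 # assumed overlay size (not given on the slide)
    roles = (10, 10, 10)     # SOAPs, beacons, servlets, as on the slide
    for n_a in (100, 500, 900, 990, 1000):
        print(f"attacked={n_a:4d}  P(DoS)={float(p_dos(N, n_a, roles)):.6f}")
    # Second slide: shrink the beacon set and the same attack gets far likelier.
    for beacons in (10, 5, 2, 1):
        p = p_dos(N, 500, (10, beacons, 10))
        print(f"beacons={beacons:2d}  attacked=500  P(DoS)={float(p):.6f}")
```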
Attacking Analysis
• Dynamic Attacks
– SOS detects & removes attacked nodes
– Attacker shifts from a removed node to an active one
• Overlay Nodes
• Change the value of r
Conclusions
• SOS protects a target from DoS attacks
• How?
– Filter around the target
– Hidden proxies
– Network overlay for legitimate users to reach hidden proxies