Title: Countering Large-Scale Internet Pollution and Poisoning
1. Countering Large-Scale Internet Pollution and Poisoning
- Aleksandar Kuzmanovic
- Northwestern University
http://www.cs.northwestern.edu/akuzma/
2. Problem and Approach (general)
- Denial of service (DoS) attacks in the Internet
- Serious problem
- Becoming more and more sophisticated
- Approach I
- Search for new classes of DoS attacks and system vulnerabilities
- It is interesting, it makes sense, it is relevant
- Approach II
- Exploit asymmetric costs
- Small efforts by defenders will require attackers to multiply the amount of resources (e.g., bandwidth, time, precision)
- Raise the bar high enough to make the attacks hard (vs. impossible) to conduct
3. Pollution in P2P File Sharing Systems
- Music industry vs. P2P networks
- Our work
- Denial-of-Service Resilience in Peer-to-Peer File Sharing Systems
- In Proceedings of ACM SIGMETRICS 2005.
- Insight
- Despite highly replicated content and a decentralized system design, pollution attacks can be highly effective
- Is it feasible to conduct a similar type of attack in the Internet at a large scale?
4. Large-Scale TCP Poisoning Attacks
- Attack scenario
- Sniff and shoot
- Extremely easy to desynchronize TCP endpoints
- a single packet needed (e.g., low rate attacks)
8. Large-Scale TCP Poisoning Attacks (II)
- Our Approach
- No explicit security association between endpoints
- Protocol design
- Raise the bar high enough to exploit asymmetric costs
- Solution-specific details
- Deferred protocol reaction
- Forward hashing
- Self-clocking correlation method
- Kernel-level implementation in FreeBSD
9. Pollution Attacks against Internet Caches
- Fact
- Majority of requests for Web, P2P, and DNS are served from caches
10. Pollution Attack Scenarios (I)
[Figures: attacking a web cache; attacking an ISP cache]
11. Pollution Attack Scenarios (II)
[Figure: pollution attack against a local DNS server]
12. Pollution Attack Classes (I)
[Figure: locality-disruption attacks. Panels: cache before attack, cache after attack. Labels: new unpopular files, popular files.]
13. Pollution Attack Classes (II)
[Figure: false locality attacks. Panels: cache before attack, cache after attack. Labels: bogus popular files, popular files.]
14. Our Solution
- Design goals
- High accuracy and scalability
- Approach
- Streaming computation techniques, i.e., Bloom filters
- Squid-based implementation
[Figure: Squid-based implementation. Labels: Squid, Daemon, Detection Module (main part), auxiliary part of Detection Module, Triggered Module, File, AE, AEI, Spawn, Signal, a pair of pipes.]
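Added example, not code from the slides or from the authors' Squid module: a streaming sketch of how a Bloom filter can surface a locality-disruption attack in constant memory. The heuristic (share of first-time requests per window), the window size, the threshold and the URL names are assumptions made for illustration.

```python
import hashlib

class BloomFilter:
    """Fixed-memory set sketch: may report false positives, never false negatives."""
    def __init__(self, m_bits=1 << 16, k=4):
        self.m, self.k = m_bits, k
        self.bits = bytearray(m_bits // 8)

    def _positions(self, key):
        # Double hashing: derive k bit positions from one SHA-256 digest.
        d = hashlib.sha256(key.encode()).digest()
        h1 = int.from_bytes(d[:8], "big")
        h2 = int.from_bytes(d[8:16], "big") | 1
        return [(h1 + i * h2) % self.m for i in range(self.k)]

    def seen_then_add(self, key):
        """Return True if key was probably requested before; record it either way."""
        pos = self._positions(key)
        hit = all(self.bits[p >> 3] & (1 << (p & 7)) for p in pos)
        for p in pos:
            self.bits[p >> 3] |= 1 << (p & 7)
        return hit

def flag_windows(requests, window=100, threshold=0.5):
    """Return indices of windows where the share of never-seen objects exceeds threshold.

    Heuristic assumed for this example: a locality-disruption flood shows up as a
    burst of first-time requests. A long-running detector would also rotate the
    filter before it saturates.
    """
    bf, flagged, fresh = BloomFilter(), [], 0
    for i, url in enumerate(requests, 1):
        if not bf.seen_then_add(url):
            fresh += 1
        if i % window == 0:
            if fresh / window > threshold:
                flagged.append(i // window - 1)
            fresh = 0
    return flagged

def sample_trace():
    """Constructed trace: 20 hot objects, with 80 one-off objects injected in window 2."""
    hot = [f"/popular/{n % 20}" for n in range(320)]
    junk = [f"/junk/{n}" for n in range(80)]
    return hot[:200] + junk + hot[200:]

if __name__ == "__main__":
    print(flag_windows(sample_trace()))
```

Because the filter has no false negatives, a repeated object is never counted as new; false positives can only make the detector undercount first-time requests.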
15. Summary
- Actively searching (and developing solutions) for new types of DoS attacks
- Pollution and poisoning
- P2P networks, TCP, Internet caches
- Solutions
- Exploit asymmetric costs between defenders and attackers
- Prototype implementations