1 / 43

Dissemination of Security Updates

This dissertation proposal outlines the motivation, challenges, and thesis of studying the dissemination of security updates, along with related work and protection against attacks. It also proposes a dissemination mechanism and discusses one strategy in the initial study. The dissertation plans and summary are included as well.

aidell
Download Presentation

Dissemination of Security Updates

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Dissemination of Security Updates Jun Li Dissertation Proposal

  2. Outline • Motivation, challenges, and thesis • Related work • Protection against attacks • Dissemination mechanism • One strategy in initial study • Dissertation plans • Summary • Motivation, challenges, and thesis • Related work • Protection against attacks • Dissemination mechanism • One strategy in initial study • Dissertation plans • Summary Dissemination of security updates

  3. Motivation • Consider network security in general Dissemination of security updates

  4. Dissemination of security updates

  5. Motivation • For instance, before taking action an attack may hide itself and penetrate into many machines • Wide-spread information sharing in a timely way is necessary • The information is called security update • Consider network security in general • Security attack on just a single machine in a network environment is usually not the case Dissemination of security updates

  6. Security Update Examples • Virus signature (and remedy) • Special events in distributed intrusion detection • Offending characteristics to be filtered by a firewall • Characteristics of a potential attack Dissemination of security updates

  7. Observation • They all share a common need of doing security update dissemination • But the need is addressed in various unsatisfactory ways (to be discussed later) Dissemination of security updates

  8. Solution to the problem • Provide a common facility for security update dissemination Dissemination of security updates

  9. Challenges • Scalability • Low latency • High assurance • some machines may be subverted • some machines may be disconnected • Topological adaptability • Heterogeneity • Low overhead • High security itself Dissemination of security updates

  10. Thesis Dissemination of security updates while simultaneously addressing each of the above challenges is feasible.  Design and build a system that does the work  Call the system Revere Dissemination of security updates

  11. Outline • Motivation, challenges, and thesis • Related work • Protection against attacks • Dissemination mechanism • One strategy in initial study • Dissertation plans • Summary Dissemination of security updates

  12. Related Work • Information dissemination • simple transmission techniques • mailing list • distribution of software, virus signature, or key • network time protocol • push technology • Element management • replicated data management • intrusion detection Dissemination of security updates

  13. network Simple Transmission Techniques • Broadcasting • Unicasting(one-to-one) • Flooding • Multicasting Dissemination of security updates

  14. network Mailing List • Scalability • Single path to reach recipients • Hard to interface with other software ... Dissemination of security updates

  15. Distribution of Software, Virus Signature, or Key • Software distribution • Virus signature distribution • Key distribution Dissemination of security updates

  16. Network Time Protocol • Disseminating clock time to synchronize machines on network • manually configured • no retransmission Dissemination of security updates

  17. Push Technology • Some commercial products: BackWeb, Ifusion, InCommon, Intermind, Marimba, NETdelivery, Wayfarer • poll the server periodically, fetch if needed • Salamander • build a substrate • push data from suppliers to clients through the substrate • only single path from a supplier to a client • no handling for disconnected machines Dissemination of security updates

  18. Element Management • Replicated data management • each machine in Revere has a replica of security update • Intrusion detection • if we know which machines are subverted ... Dissemination of security updates

  19. Outline • Motivation, challenges, and thesis • Related work • Protection against attacks • Dissemination mechanism • One strategy in initial study • Dissertation plans • Summary Dissemination of security updates

  20. Protecting Revere • Revere must protect itself against attacks • otherwise, security update won’t be disseminated successfully • corrupted Revere is more dangerous if used by enemy for own purpose Dissemination of security updates

  21. Attacks on Revere • Corrupting a message • modification • fabrication or forgery • Corrupting the transmission path • blockage • misdirection • denial of service by replay overloading • Leakage of security update Dissemination of security updates

  22. Fight Against Attacks • Message corruption • digital signature • Transmission path corruption • redundancy by multiple paths • be ready for replay attacks by logging signatures of previous security updates • leakage of security update • no secrecy when many millions of machines are receivers to share same information Dissemination of security updates

  23. Outline • Motivation, challenges, and thesis • Related work • Protection against attacks • Dissemination mechanism • One strategy in initial study • Dissertation plans • Summary Dissemination of security updates

  24. Dissemination Mechanism • High assurance • Pulling by disconnected node • Receiver based policy • Opportunistic use of transmission options • Scalability  Dissemination structure Dissemination of security updates

  25. 1. High Assurance • implosion • Using acknowledgement • ack can be dropped • need to figure out what is missed by whom • retransmission probably follows same old path • Using negative ack • only avoid implosion, and • only feasible when knowing a security update is missed • Using redundancy • harder to corrupt all • to achieve best effort • accompanied with additional techniques, such as pulling Dissemination of security updates

  26. network 2. Pulling By Disconnected Node • Pulling from  is not scalable and hard to handle • Repository nodes • High assurance pulling • find best repository nodes Dissemination of security updates

  27. 3. Receiver Based Policy • Heterogeneous Revere node in terms of • different resiliency request • different environment (hostile or safe) • different context itself • different transmission characteristics • different platform • different ability of being aware of above Dissemination of security updates

  28. network 4. Opportunistic Use of Transmission Options • When security update forwarded from machine to machine(s), choose best option of available transmission type • Tradeoff among • best performance • resource usage • delivery guarantee • simplicity of implementation Dissemination of security updates

  29. 5. Scalability • Be ready for millions of receivers, or even more • resource usage • performance • security • Any machine can only have partial information of the whole system • distributed computing Dissemination of security updates

  30. Dissemination Structure • Automatic configuration • an easy-to-use user interface needed • manual configuration hurts • Dynamic adjustment adaptively • when a new node joins • when an existing node quits • when transmission characteristics changes • when detecting security problems • and so on ….. Dissemination of security updates

  31. Outline • Motivation, challenges, and thesis • Related work • Protection against attacks • Dissemination mechanism • One Strategy in initial study • Dissertation plans • Summary Dissemination of security updates

  32. A unicast B,C multicast D …………. B floppy X broadcast C A (empty) C unicast w/ IP source routing B (empty) X Dissemination w/ Sending Table • Each Revere node has an associated sending table locally Dissemination of security updates

  33. Building the Sending Table • Requirements • automatic • match dissemination mechanisms • dynamically adjustable • Some information about dissemination sources are common knowledge • addresses • type of security updates to disseminate • public keys • Maybe similar information of some existing Revere nodes Dissemination of security updates

  34. Join Request Detected info between newborn and recommended Recommended machines list Machines listed in ’s sending table Selected machines list Machines recommended to newborn Machines selected A Newborn Recursive Enrollment of Newborn Recommending Algorithm  Decision Making Algorithm Dissemination of security updates

  35. Enrollment Flexibility • A new Revere machine can attach itself to Revere system by sending enroll request(s) to any existing Revere node(s) • based on trustfulness, or • contact more than one Dissemination of security updates

  36. Outline • Motivation, challenges, and thesis • Related work • Protection against attacks • Dissemination mechanism • One Strategy in initial study • Dissertation plans • Summary Dissemination of security updates

  37. A Prototype w/ Basic Functionality • Security update delivery analysis • Dissemination structure formation and management • Dissemination process • push • pull Dissemination of security updates

  38. Security Enforcement • Authentication of security update • signing and verification of security update • key management • Replay prevention • don’t be fooled to send lots of replays since Revere has big fan-out Dissemination of security updates

  39. Test the System • Build a testbed • composed of heterogeneous machines and transmission media • small scale • Simulate possible attacks Dissemination of security updates

  40. Simulation • Large scale • With some Revere nodes subverted • and actively thwarting the dissemination • Understand the effects when lots of machines pull missed information • ……………... Dissemination of security updates

  41. Outline • Motivation, challenges, and thesis • Related work • Protection against attacks • Dissemination mechanism • One Strategy in initial study • Dissertation plans • Summary Dissemination of security updates

  42. Summary • The goal is to be able to disseminate security updates securely, quickly, adaptively, to large number of heterogeneous machines with high assurance and low overhead • The work includes design, prototype, test, simulation, evaluation Dissemination of security updates

  43. Questions? Dissemination of security updates

More Related