SECURE INSTANT MESSENGER HUSKY HACKERS – GROUP 7: ABDULLA AL ALI, DEEPAK KALRA, RAGURAM KRISHNAMACHARI, SHINN CHYANG
IMPLEMENTATION Finite State Machine 3 Event – Transport Event GUI Event Timeout Event Swing GUI Threads Transport Layer - UDP Listener Sender Business Logic - Requests
SOFTWARE ENGINEERING • Waterfall Approach • Use Cases • State Diagrams • Coding Guidelines • Implementation • Code Review • Testing • Java Docs • Other Documents • Deployment
CHALLENGES RSA encryption Client State Machine – One Client Chat with one user at a time
CHALLENGES (State Machine) IM state transition when A talks to B Timeline when A is talking to B, C wants to talk to A RID 250 RID 520 RID 530
PROTECTION (Linux server) • Set up snort + log traffic • Set up AIDE • Disable extraneous services (cupsd, exim) • Configure firewall (iptables)
PROTECTION (IM) • Cookie challenge to prevent DoS attack • Timestamp • Strong encryption and hash algorithm • Event logs on IM server
ATTACKS ON OTHER TEAMS • Lack of documentation • Lack of code clarity • Server uptime
TEAM 1 – KADS • Design does not match implementation • Client did not run in Linux • Client & Server have to run in the same machine • Could not log in two users simultaneously
TEAM 1 – KADS (Contd …) • No timeouts, client stuck in while loop • No weak password protection • AES in ECB mode
TEAM 3 – TORMENTORS DoS ATTACK Number of Client threads limited to 5000
TEAM 3 – TORMENTORS (cont.) • Couldn’t run the program (unhandled exceptions) • Second DoS
TEAM 5 – NSN No end point hiding
TEAM 2 – ENIGMA No end point hiding
ATTACKS SUFFERED TEAM 3 - Trudy’s attempt to log out Bob • ARP POISONING • LIST -> LOGOUT
WHY THE ATTACK FAILED Originating IP address did not match Bob’s
    // Retrieve the user from the Hash Map
    UserInfo currentUser = (UserInfo) users.get(ipAddress);
Successful logout:
    Received a datagram pkt... requestID: 710 from: 10.0.7.1 RID: 710 710 LOGOUT The user Deepak was removed.
Unsuccessful logout:
    Received a datagram pkt... requestID: 710 from: 10.0.0.3 RID: 710
    Received a datagram pkt... requestID: 210 from: 10.0.0.3 RID: 210
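An added sketch of the source-address lookup this slide describes, not the team's own code: a LOGOUT (RID 710) removes a session only when the datagram's source IP is the key that session was stored under. The class name, the UserInfo field and the login/handle methods are assumptions; the addresses and user name are reused from the log above as constructed sample input.

```java
import java.util.HashMap;
import java.util.Map;

public class LogoutSourceCheck {
    // RID 710 is the LOGOUT request ID shown in the server log on the slide.
    static final int RID_LOGOUT = 710;

    // Minimal stand-in for the project's UserInfo class (its field is assumed).
    static class UserInfo {
        final String name;
        UserInfo(String name) { this.name = name; }
    }

    // Logged-in users, keyed by the IP address they logged in from.
    private final Map<String, UserInfo> users = new HashMap<>();

    // Hypothetical helper: record a session for the given source address.
    void login(String ipAddress, String name) {
        users.put(ipAddress, new UserInfo(name));
    }

    // Returns a log line describing what the server did with the datagram.
    String handle(String ipAddress, int requestId) {
        // Retrieve the user from the hash map by the datagram's source address.
        UserInfo currentUser = users.get(ipAddress);
        if (requestId != RID_LOGOUT) {
            return "RID " + requestId + " from " + ipAddress + ": not handled in this sketch";
        }
        if (currentUser == null) {
            // No session is bound to this address, so nobody is logged out.
            return "RID 710 from " + ipAddress + ": ignored, no user at this address";
        }
        users.remove(ipAddress);
        return "RID 710 from " + ipAddress + ": the user " + currentUser.name + " was removed.";
    }

    public static void main(String[] args) {
        LogoutSourceCheck server = new LogoutSourceCheck();
        server.login("10.0.7.1", "Deepak"); // constructed session

        // LOGOUT arriving from another host: the lookup misses, the session survives.
        System.out.println(server.handle("10.0.0.3", RID_LOGOUT));
        System.out.println("Deepak still logged in: " + server.users.containsKey("10.0.7.1"));

        // LOGOUT arriving from the address the user logged in from: it succeeds.
        System.out.println(server.handle("10.0.7.1", RID_LOGOUT));
        System.out.println("Deepak still logged in: " + server.users.containsKey("10.0.7.1"));
    }
}
```

The lookup trusts the source address carried in the UDP datagram, which is not authenticated by itself.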
HOW TO PREVENT IT Modify the protocols as follows:
ATTACKS SUFFERED (cont.) • DoS attack from 10.0.5.2 • Server survived • To Prevent: Block 10.0.5.2 using the firewall
    Received a datagram pk from 10.0.5.2
    Received a datagram pk from 10.0.5.2
    Received a datagram pk from 10.0.5.2
    Received a datagram pk from 10.0.5.2
    Received a datagram pk from 10.0.5.2
    Received a datagram pk from 10.0.5.2
    Received a datagram pk from 10.0.5.2
    Received a datagram pk from 10.0.5.2
    Received a datagram pk from 10.0.5.2
    Received a datagram pk from 10.0.5.2
    Received a datagram pk from 10.0.5.2
LESSONS LEARNED Error Messages
LESSONS LEARNED (cont.) • Similar encrypted protocols • Message integrity • End point hiding