170 likes | 310 Views
Dynamic Network Emulation. Security Analysis for Application Layer Protocols. The Problem. There are many network simulation and network analysis tools designed to look at issues in Layer 2 and Layer 3 protocols.
E N D
Dynamic Network Emulation Security Analysis for Application Layer Protocols
The Problem There are many network simulation and network analysis tools designed to look at issues in Layer 2 and Layer 3 protocols … but as the use of overlay networks grow, large amounts of network activity occurs at the applicationlayer.
The Problem Overlay network security can significantly depend upon network topology and routing In onion-routing style anonymity networks, an adversary who can observe both sides of the anonymous path can break anonymity An adversary can position themselves to observe Skype calls routed through super nodes. …but we don’t have a good way to analyze the feasibility and effectiveness of these attacks
The Problem: Extended In onion-routing style anonymity networks, an adversary who can observe both sides of the anonymous path can break anonymity Bad ISP Good ISP Okay ISP
The Problem: Extended In onion-routing style anonymity networks, an adversary who can observe both sides of the anonymous path can break anonymity What if they can do it for N host-pairs? What if the adversary can force a change in routing between two hosts? Do some routing protocols exacerbate this issue?
How can we answer these questions? • Ideally, the same way we do with other things • Unfortunatelythese are real applications, running in the real world, and we want to know how that world affects them Hypothesize Test Explain
How can we answer these questions? • We can observe real-world data, but we have: ... limited vantage points ... little ability to test hypotheses ... no way to change the environment What we need is a application layer networkmodeling environment
Modeling Environments Exist • Network Testbeds: • Clusters of isolated machines that can be reserved and configured into network topologies • Network Simulators: • Tools that simulate network applications at varying levels of fidelity • Network Emulators: • Tools that create a fake network on which real-world applications can be run without modification Each of these has downsides
Modeling Environments Exist • Network testbeds can suffer from contention and scalability • Network simulators use an abstraction for the application; security often depends on corner cases • Network emulators often prevent network manipulation once configured and operating …but it’s not all bad
Modeling Environments Exist • Network emulators have significant benefits • They run actual application binaries • They require drastically less hardware • Unfortunately many existing emulators use static routing and do not allow live network manipulation
Proposal: GUFiNE “GU Flexible Network Emulation” Application instances connected in arbitrary network topologies Contained within an emulation host Host Emulator Host Emulator Or a collection of emulation hosts
Proposal: GUFiNE Emulation Host Application Level Network Applications Net Emulator Control Interface Linux • Path characteristics (delay, bandwidth) and routing can be updated on the fly Packets are delayed and re-injected (without ever leaving the host). Network Emulator • Path information is stored in the routing engine and used for traffic shaping and routing Network Stack Net Emulator Routing Engine
Proposal: GUFiNE • GUFiNE transparently creates a network topology for applications running on the host • Applications simply bind to an IP address alias • The control plane allows routing and network link characteristics to be modified on the fly
Proposal: GUFine • Allows exploring questions in changing network conditions. • What advantage does an adversary receive if they can shift the routing between two hosts when trying to break anonymity in an onion routing network? • What if they can do it for N host-pairs? • Can explore these questions with real application binaries
Proposal Requirements Part 1 Part 2 Research proposal; costs are estimated; success is not guaranteed