Research Overview
Carl A. Gunter
University of Pennsylvania

PISCES Projects
• Authenticated Traversal : L3A : Goodloe, Gunter, Stehr
• DoS : Selective Verification : Gunter, Khanna, Venkatesh
• OpEm : PPC : Alur, Gunter
FUNDING SOURCES: Army Research Office, National Science Foundation, Office of Naval Research
PROFESSORS: Rajeev Alur, Michael Greenwald, Carl A. Gunter, Sanjeev Khanna, Jose Meseguer, Andre Scedrov, Santosh Venkatesh, Steve Zdancewic
RESEARCH STAFF: Mark-Oliver Stehr, Kaijun Tan
PHD STUDENTS: Margaret Delap, Matthew Jacobs, Alwyn Goodloe, Michael McDougall, Peng Li, Gaurav Shah, Raman Sharykin, Jason Simas, Ying Xu
RESEARCH PROGRAMMERS: Sumeet Bedi, Watee Arsjamat

Wireless Security
• Why is wireless security any different from wired security?
  • Resource constraints.
  • Value of the network link.
  • Increased risk to confidentiality.

Wireless Security Efforts
• Layer 1 (Physical)
  • Spread spectrum
• Layer 2 (Link)
  • 802.11x – 802.11(b) WEP, 802.11(g)
  • GPRS
  • CDMA 2000

Network Layer Wireless Security
• Advantages
  • Independent of the underlying link layer.
  • In most cases, overcomes the challenges that layer 2 mechanisms address.
  • Leverages extensive experience, software, and hardware support from IPsec for VPNs.
• Disadvantage
  • Needs setup protocols.

Basic Challenge
[Figure: network diagram with labels Internet, LAN, C, NAS, S.]

L3A Architecture
[Figure: diagram with components labelled L3A, SAM, SIKE, SPD, SAD, IPsec, IP.]

Protocol Messages and Tunnels
[Figure: nodes C, NAS and S, with links labelled SIKE w/ delegation, SIKE w/ delegation, SIKE, SIKE.]

Research Directions
• Build on sectrace experience.
• Formal simulation of SIKE and L3A in Maude in parallel with design.
• Implementation on BSD with X.509 certs.
• Develop requirements for accounting and prove correctness.

DoS Models and Protection Measures
• Shared Channel Model
• Selective Verification
• Bin Verification
• Current Directions

Shared Channel Model
• Adversary can replay and insert packets.
• Legitimate sender sends packets with a maximum and minimum bandwidth.
• Legitimate sender experiences loss, but not deliberate modification.

Shared Channel Model Example
[Figure: packet sequence S1 A1 S2 S3 S4 A2 A3 S5 A4 A5 on the shared channel. Legend: Sender Packet Dropped, Sender Packet, Attacker Packet.]
• Model is a four-tuple (W0, W1, A, p).
  • W0, W1: min and max sender b/w
  • A: attacker max b/w
  • p: loss rate of sender

Signature Flooding
• Attack factor R = A / W1. Proportionate attack: R = 1. Disproportionate attack: R > 1.
• Stock PC can handle about 8000 PKC/sec.
• 10Mbps link sends about 900 pkt/sec, 100Mbps link sends about 9000 pkt/sec.
• Budget: no more than 5% of processor on PKCs.

Selective Sequential Verification
• Adversary can devote his entire channel to fake signature packets.
• Countermeasure:
  • Valid sender sends multiple copies of the signature packet.
  • Receiver checks each incoming signature packet with some probability (say, 25% or 1%).

Attack Profile
[Figure: A and S sending to R. Annotations: "A loads this channel with bad packets"; "S requires low b/w channel with high processing cost at R".]

Selective Verification
[Figure: A and S sending to R.]

Selective Verification
[Figure: A and S sending to R. Annotations: "A gets reduced channel"; "S adds redundancy"; "R makes channels lossy".]
Tradeoff: bandwidth vs. processing

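The bandwidth vs. processing tradeoff of selective verification, worked through with the figures quoted on the Signature Flooding slide. This is an added Python example, not code from the original deck; the function names, the 99% acceptance target, the 20% loss rate, the use of the 100 Mbps packet rate as the attacker's flood rate, and the independence of loss and selection per copy are assumptions of the example.

```python
import random

# Figures quoted on the slides; using the 100 Mbps packet rate as the
# attacker's flood rate A is an assumption of this example.
PKC_PER_SEC = 8000      # signature checks a stock PC can do per second
CPU_BUDGET = 0.05       # share of the processor allowed for checks
FLOOD_PPS = 9000        # packets/sec on a saturated 100 Mbps link

def check_probability(pkc_per_sec, cpu_budget, flood_pps):
    """Largest per-packet check probability that keeps the expected
    number of signature checks within budget under a full flood."""
    return min(1.0, pkc_per_sec * cpu_budget / flood_pps)

def copies_needed(q, loss, target):
    """Smallest copy count k such that at least one copy survives loss
    and is picked for checking with probability >= target.
    Assumes independent loss and independent selection per copy."""
    per_copy = q * (1.0 - loss)
    if not 0.0 < per_copy <= 1.0 or not 0.0 < target < 1.0:
        raise ValueError("need 0 < q*(1-loss) <= 1 and 0 < target < 1")
    miss, k = 1.0, 0
    while 1.0 - miss < target:
        miss *= 1.0 - per_copy
        k += 1
    return k

def simulate(q, loss, copies, trials=20000, seed=1):
    """Monte Carlo check: fraction of trials in which the receiver
    verifies at least one of the sender's copies."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        hits += any(rng.random() >= loss and rng.random() < q
                    for _ in range(copies))
    return hits / trials

if __name__ == "__main__":
    q = check_probability(PKC_PER_SEC, CPU_BUDGET, FLOOD_PPS)
    print(f"check probability within budget: {q:.4f}")
    for q_slide in (0.25, 0.01):          # the slide's example rates
        k = copies_needed(q_slide, loss=0.0, target=0.99)
        print(f"q={q_slide}: {k} copies for 99% acceptance")
    k = copies_needed(q, loss=0.2, target=0.99)
    print(f"q={q:.4f}, 20% loss: {k} copies, simulated "
          f"{simulate(q, 0.2, k):.3f}")
```
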
Bin Verification
[Figure: two rows of numbered packets, 1 1 2 2 3 4 and 1 1 1 2 3 4.]

Current Research
• Develop a unified theory with Dolev Yao A B : M
• Investigate general protocol analysis techniques.
• Analysis of TCP.