Protecting Critical Information Infrastructures

Transcription

1 Protecting Critical Information Infrastructures Hannu H. Kari Helsinki University of Technology professor on mobility National Defence University professor, research director professor Hannu H. Kari Page 1/32

2 Security problems in Internet, samples October 2002, Scientific American 9 out of 13 root DNS servers were crippled by DDoS attack November 2004, Damages caused by worms/viruses, Mikko Hyppönen/F-Secure Slammer: Intranet of nuclear power plant in Ohio down Bank of America ATM network down Blaster: Electric power network down in NY, USA Several SCADA systems down Sasser: All train traffic halted in Australia Two hospitals in Sweden infected January 2005, BBC News Internet gambling hit hard by the attacks. Extortionists are targeting net-based betting firms and threatening to cripple their websites with deluges of data unless a ransom is paid. September 2006, Scientific American Attack on DNS (Domain Name System) allows cybercriminal to hijack ordinary netbanking sessions January 2007, Almost 1 Million stolen from a Scandinavian bank by a Russian hacker with a trojan distributed with spam mail The biggest so far.. January 2005, FBI/Tsunami Net criminals used fake web pages of American Red Cross to get credit card data May 2007, IT-Viikko Attacks on Estonian governmental and commercial net sites professor Hannu H. Kari Page 2/32

3 Security problems in Internet, samples DDoS attacks Design flaws DoS, DDoS attacks Criminal intentions Viruses, worms, mallware Criminal intentions DNS attacks Design flaws Phishing Users stupidity Scams Users stupidity DoS, DDoS attacks Design flaws professor Hannu H. Kari Page 3/32

4 Internet design flaws Original design principles: The enemy is out there! Everybody can send anything to anybody Security measures are introduced afterwards The new design principles: The enemy is among us! We must be prepared to pay for security/reliability in form of computation power, bandwidth, energy, etc. Strong security as the fundamental building block Legal sanctions against malevolent entities Every packet must have an owner! professor Hannu H. Kari Page 4/32

5 Security domains professor Hannu H. Kari Page 5/32

6 Four security domains 4. Virtual communities (Knowledge sharing) Restricted caller groups 3. Content integrity/authenticity/timelyness (information sharing) PGP, S/MIME 2. End-to-end secured communication (Data integrity and confidentiality) IPsec, TLS 1. Reliable operation of the critical network infrastructure Partial solutions: MPLS, Physical protection professor Hannu H. Kari Page 6/32

7 Weakest point: Infrastructure Info-bulimia Flooding, DoS/DDos, Smurf, Sync,... Info-anemia Link breakage, data corruption, rerouting packet, router attacks, DNS-attacks,... We don t get vital information in time We can t make decisions or we do decisions with incomplete information Reliably operating network is a MUST professor Hannu H. Kari Page 7/32

8 Solving the problems professor Hannu H. Kari Page 8/32

9 Securing network infrastructure professor Hannu H. Kari Page 9/32

10 Traditional Internet usage R R professor Hannu H. Kari Page 10/32

11 Protecting network infrastructure Need: Communication between two legitimate computers shall be possible despite any hostile attacks, manipulated packets, jammed networks, cut the communication links, etc. Target: The network (i.e., routers) shall distinguish whether a packet is Good: generated by a legitimate computer => forward packet Bad: generated or modified by attackers => discard packet Possibility to prioritize traffic based on importance of packet/user professor Hannu H. Kari Page 11/32

12 Ultimate solution: Packet Level Authentication (PLA) Analogy: Security measures on notes Holograms, Microprint, Watermarks, UV-light Any receiver of notes can verify the authenticity of every note without consulting with banks or other authorities In PLA (designed by HUT) every packet is digitally signed by originator with strong crypto contains all information to validate authority of the sender integrity, timeliness, uniqueness of the packet Project financed by Finnish government s (Tekes) strategic research funding professor Hannu H. Kari Page 12/32

13 Performance Altera FPGA ECC module With single chip solution: 200 Mbit/s with 150B packets 2 Gbit/s with 1500B packets Gigabit Ethernet IN Front end standard 1GE IP core ECC module ECC module ECC module ECC module HUT s HW implementation (Altera s Stratix II EP 2S180F1020C3 FPGA chips with 150 MHz clock) One ECC digital signature calculation/validation takes 120us With 19 parallel modules, max output is signatures/s With special ASIC its possible scale performance over 10 Gbit/s with single chip implementation Guestimated: 50M gates chip running 500 MHz... Back end standard 1GE IP core Gigabit Ethernet OUT professor Hannu H. Kari Page 13/32

14 Short term solution: Secured Infrastructure Router (SIR) SIR SIR professor Hannu H. Kari Page 14/32

15 Secured Infrastructure Router (SIR) SIR QoS control, duplication SIR QoS control, duplicate removal QoS reporting, management signaling professor Hannu H. Kari Page 15/32

16 Alternative SIR operation SIR SIR SIR SIR SIR SIR SIR SIR professor Hannu H. Kari Page 16/32

17 Securing services professor Hannu H. Kari Page 17/32

18 Increasing reliability of network services Internet ISP 1 ISP 2 REUNAREITITTIMET IPS / HYÖKKÄYKSEN LIEVENNYS PALOMUURIT SSL-SALAUS / SALAUKSEN PURKU IPS SISÄLTÖKYTKIMET / KUORMANJAKO EDUSTAPALVELIMET Tietokeskus 1 Tietokeskus 2 Varmistuskeskus SOVELLUSPALVELIMET source: Anssi Rajaniemi: Verkkopankin toimintavarmuuden turvaaminen tietoverkon näkökulmasta, HUT, Master s thesis, 2005 Tietokeskus PALOMUURIT KESKUSKONEET professor Hannu H. Kari Page 18/32

19 Securing content delivery professor Hannu H. Kari Page 19/32

20 Multichannel data delivery:today Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV National Defence Authorities University, Citizens professor Hannu H. Kari Page 20/32

21 Multichannel data delivery: in the future Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV National Defence Authorities University, Citizens professor Hannu H. Kari Page 21/32

22 Reliable delivery of a document document Sender Add FEC Signatures multichannel network check signatures Receiver data reconstruction defragmentation fragmentation document professor Hannu H. Kari Page 22/32

23 Multichannel data delivery Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV Information professor Hannu H. Kari Page 23/32

24 Multichannel data delivery Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV Information professor Hannu H. Kari Page 24/32

25 Multichannel data delivery Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV Information professor Hannu H. Kari Page 25/32

26 Multichannel data delivery Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV Information professor Hannu H. Kari Page 26/32

27 Multichannel data delivery Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV Information professor Hannu H. Kari Page 27/32

28 Multichannel data delivery Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV Regenerating missing data by using error correction information in other packets locally Information professor Hannu H. Kari Page 28/32

29 Multichannel data delivery Actual data Military networks TETRA/ VIRVE GSM Internet Radio/TV correct and up to date information Information professor Hannu H. Kari Page 29/32

30 Conclusions professor Hannu H. Kari Page 30/32

31 Conclusions Risks with Internet are imminent Architecture with several levels of security Plan-B: What shall we do, when our network doesn t work? What is the minimum level of service? professor Hannu H. Kari Page 31/32

32 NATIONAL DEFENCE UNIVERSITY Do the work that has a meaning Thank you for your Questions? attention! professor Hannu H. Kari Page 32/32