PA197 Secure Network Design
2. Faults, Threats, Attacks
Eva Hladká, Luděk Matýska
Faculty of Informatics
February 2, 2017

• Faults and failures
  • Internet
  • Ad-hoc, mobile and vehicular networks
  • Sensor networks
• Network specific threats
  • Internet
  • Sensor networks
  • Ad-hoc, mobile and vehicular networks
• Attack types and attacker models
  • Internet
  • Sensor networks
  • Ad-hoc, mobile and vehicular networks
• Summary

Faults and Failures
• All systems susceptible to failures
• Failure resilience mandatory part of the design
  • unfortunately not true for most commercial systems/networks today
  • resilience goes with a cost
  • not possible to build absolute resilience
• Faults: some flaws in the system
  • but sometimes left by design, e.g. just one router for a small network
• Failures: emergent faults
  • Random faults: occurrence unpredictable (probability)
  • Induced (domino): e.g. link disconnection leads to higher service failure
  • Malicious: results of attacks (usually use some (known) flaw)

• Physical
  • components faults and failures
  • hardware level, but includes immediate software components, e.g. active element operating system fault or failure
• Protocols
  • software layer
  • shortcomings (limits) of protocols
  • bugs: incidental and malicious failures
• Applications
  • software layer

Selected failure examples
• Topology failures
• Overload
• Integrity
• Software faults

Topology failures
• Cable failures
  • terrestrial
  • sub-marine
• Sub-marine cable threats
  • fishing and anchoring
  • natural disasters
    • earthquake 27th December 2006 damaged the cables near Taiwan, leading to disruption of Internet and telephone service in Asia Pacific region
    • Hong Kong completely cut off
  • theft
    • March 2007, 11 km section of cable connecting Thailand, Vietnam, and Hong Kong removed
    • Internet speed affected in Vietnam

Topology failures II
• Routing problems
  • link disconnection and/or node failure
• Router failures
  • (D)DoS attacks
  • software bugs
  • example: too long BGP Autonomous Systems paths
• Recovery times:
  • hundreds of milliseconds for intra-domain routing (e.g. OSPF)
  • minutes for inter-domain routing (BGP)
• Pakistan "black hole" in 2008 after banning YouTube
  • propagated through the mis-configuration to the whole world

• Result of limited capacity of network equipment
  • congestion (flash/short/long term)
• TCP has congestion control
  • however independent of routing
  • simply slowing down instead of re-routing
  • one of motivations for Software Defined Networks (SDN)
• Flash Crowds versus (D)DoS attacks
  • how to distinguish unusually high but legitimate traffic from malicious traffic?

• Bugs in software
  • development phase
  • buffer overflow most prominent example
• Bugs in configuration
  • deployment phase
  • could have wide (global) effect
  • Pakistan/YouTube, Google search, ...

• In some aspects similar to Internet
  • the mobility introduces additional complexity/source of failures
• Hardware level
  • component faults
  • more fragile "active" elements
  • frequent failure a property
  • disconnection due to distance
    • not possible to distinguish from a failure
• Protocols
  • reliable routing problem
  • link failure a property, not an exceptional event

• Static nodes, but high probability of failure of any individual node
• Limited life span of a node
  • battery drainage
• Interference
• Routing and transmission protocols
  • redundancy versus energy conservation

Threats—Overview
Physical installation threats
• hardware threats
  • physical damage to the hardware and/or wires
• electrical threats
  • electricity fluctuations (brownouts and spikes)
  • electricity loss (blackouts)
• environmental threats
  • external conditions (temperature, electrostatic and magnetic interferences, humidity etc.)
  • disasters (flood, fire, ...)
• maintenance threats
  • missing, incorrect or damaged spare parts
  • incorrect or missing labeling of components and cables
  • poor handling of components
  • low quality of installation

• Phishing
  • search ("fish") for personal details
  • usually using e-mails or social networks
• Viruses and worms
  • malicious software that arrives attached to another (benign) program or data (e.g. e-mail)
  • replicates within the attacked computer
  • worm actively tries to attack new systems over the network
• Spyware and adware
  • spyware collects information about users on Internet
  • adware a special kind of spyware to help targeting advertisements (without user consent)
• Trojans
  • malicious program like virus, but does not replicate itself
• Rogue security software
  • attacks trust relationship

• Symantec reports
  • https://know.elq.Symantec.com/LP=1542
• Main categories
  • mobile devices and Internet of things
  • web threats
  • social media and scams
  • targeted attacks
  • data breaches and privacy
  • e-crime and malware
• Statistics from 2015 report

[Figure from the Symantec report: MOBILE DEVICES]

[Figure from the Symantec report: WEB THREATS]

SCAMS & SOCIAL MEDIA
• In 2014, Symantec observed that 70 percent of social media scams were manually shared.
• Average Number of Phishing URLs on Social Media: 3,829; 6,993 (2013)
• Estimated Global Spam Volume per Day: 28 Billion; 29 Billion

TARGETED ATTACKS
Spear Phishing Email Campaigns
• Campaigns: 841; 779
• Recipients per Campaign: 18; 23
• Average Number of Attacks per Campaign: 25; 29
• Average Duration of a Campaign: 9 Days; 8 Days

[Figure: Risk Ratio of Spear-Phishing Attacks by Industry (Mining; Manufacturing; Transportation, Communications, Electric, Gas & Sanitary Services; Public Administration (Government))]

[Figure: Spear Phishing Emails per Day]

Top 10 Industries Targeted in Spear-Phishing Attacks
  Industry                            2014   2013
  Manufacturing                       20%    13%
  Services—Nontraditional             20%    14%
  Finance, Insurance & Real Estate    18%    13%
  Services—Professional               11%    15%
  Wholesale                           10%    5%

Last year, 60 percent of all targeted attacks struck small- and medium-sized organizations.

… actively exploited by attackers for a combined 295 days before patches were available.

[Figure: Top 5 Zero-Day Vulnerabilities - Days of Exposure and Days to Patch. Panels: Average Days to Patch by Vendor for Top 5 Zero-Days; Total Days of Exposure for Top 5 Zero-Days. Values shown: 19, 59, 295. Axis: Number of Days After Vulnerability Publication. Source: Symantec]
• 81% Microsoft ActiveX Control
• 10% Microsoft Internet Explorer
• 7% Adobe Flash Player
• 2% Adobe Flash Player
• <1% Microsoft Windows

The number of breaches increased 23 percent in 2014. Attackers were responsible for the majority of these breaches.

[Figures: Breaches with More Than 10 Million Identities Exposed; Top 5 Sectors Breached by Number of Identities Exposed]

E-CRIME & MALWARE
• New Malware Variants (Added Each Year): 317M (2014); 252M (2013)
• Email Malware Rate: 1 in 244 (2014) (inverse graph: smaller number = greater risk)
• Ransomware Total: 24 K Per Day; 11 K Per Day; 8.8 Million (2014); 4.1 Million (2013)
• Ransomware attacks grew 113 percent in 2014, along with 45 times more crypto-ransomware attacks.
• … 14, up to 28 percent of all malware was "virtual machine aware."

Value of Information Sold on Black Market
  Item                                                      2014 Cost
  1,000 Stolen Email Addresses                              $0.50 to $10
  Credit Card Details                                       $0.50 to $20
  Scans of Real Passports                                   $1 to $2
  Stolen Gaming Accounts                                    $10 to $15
  Custom Malware                                            $12 to $3500
  1,000 Social Network Followers                            $2 to $12
  Stolen Cloud Accounts                                     $7 to $8
  1 Million Verified Email Spam Mail-outs                   $70 to $150
  Registered and Activated Russian Mobile Phone SIM Card    $100

• Major threats:
  • physical
  • software
• Physical threats:
  • interference
  • battery drainage
  • overtake of a node
• Security
  • routing mis-information
  • data loss
  • data injection

Ad-hoc, mobile and vehicular networks
• Ad hoc network
  • a network built for a specific purpose
  • no central base stations or access points
  • each node sender/receiver
  • peer to peer and multi-hop architecture
• Mobile ad hoc network (MANET)
  • adds mobility to individual nodes
• Vehicular ad hoc network (VANET)
  • specific version of MANET
  • (semi)organized (i.e. not completely random) movement of nodes
  • Roadside Units (RSU)
    • immobile units
    • two side communication with cars
  • specific user interaction modes (drivers disturbance)

MANET Properties
• Each node can communicate
  • power constraints for nodes
• Communication is possible only between nodes "in range"
  • the set of neighbours changes in time
  • bandwidth usually limited
• Each node can retransmit a message
  • router capability
  • multi-hop delivery
• General performance a function of cooperation between nodes

Security problems
• Open media
  • easy to eavesdrop or interfere with
• Open routing protocol
  • no security mechanism
• Continuously changing topology
  • easy hiding for an attacker
• Relies on cooperation between devices
  • malicious node can "divert" others
• Hijacked nodes

VANET specific problems
• Privacy
  • drivers identity
  • unit identification (where are they moving)
• Clear benefit for a malicious user
  • divert traffic
  • clear its own path

Basic attack modes
• Passive attacks
  • not directly influencing the target systems
  • monitoring the (unencrypted) traffic
    • authentication information (passwords)
    • other sensitive information
  • result is access to information
• Active attacks
  • break into a target system
    • bypass a security perimeter or break through it
  • manipulate messages
    • replay, modify, create, delete
  • impersonation (identity theft), Man-in-the-middle attack
  • result is access to data, modification of data, DoS

[Figure: Security Attacks. Labels: Active Attacks; Passive Attacks; Other attacks; Routing attacks (Spoofed, altered & replayed routing information; Selective Forwarding; Sinkhole; Sybil; Wormhole; HELLO Flood); Denial of Service; Fabrication; Lack of cooperation; Node Subversion; Node Malfunction; Modification; Node outage; Impersonation; Eavesdropping; False Node; Physical Attacks; Node Replication Attacks; Passive Information Gathering; Message Corruption; Attack against Privacy (Monitors Eavesdropping; Traffic Analysis; Camouflages Adversaries)]

Sybil Attack
• Attacker assumes several identities
  • defeat trust of a reputation system
• Used to hide the malicious node (e.g. car in VANET)

• Physical attacks
  • targets the physical infrastructure
  • immediately indistinguishable from hardware faults
• Internet service attacks
  • Domain Name Service (DNS)
  • e-mail
  • protocol vulnerabilities (e.g. TCP SYN attack)
• Man-in-the-middle attack
• DoS and DDoS attacks

• Insider attack
  • majority of attacks initiated from within the security perimeter
• Close-in attack
  • social engineering
  • physical access/proximity to the network
• Phishing attack
• Hijack attack
  • takes over the network session
• Exploit attacks
  • uses known security hole
• Protocol attacks
  • spoof attack
  • buffer overflow
• Password attack
  • cracking passwords: brute force and dictionary attack
  • uses access to the file/database with passwords

TCP SYN Flood Attack
• Exploits "trust" in the TCP 3-way handshake protocol
  1. client initiates connection with SYN packet
  2. server acknowledges (SYN/ACK) and allocates resources
  3. client sends the final acknowledgment (ACK)
• What if client does not respond with ACK?
  • victim allocates resources (memory)
  • resources eventually freed through time out
  • but in the meantime victim not able to serve legitimate requests
• Simple Denial of Service attack
• Attacker does not use its own IP address
  • why?

• A paper of Kuzmanovic & Knightly: Low-Rate TCP-Targeted Denial of Service Attacks. SIGCOMM 2003.
• Exploits TCP congestion control mechanism
  • Retransmission time-out
  • Exponentially reduce available bandwidth
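
For the TCP SYN Flood Attack slide above, an added example (not part of the original slides) that replays handshake events against a toy listener to show how unanswered SYNs hold backlog slots until the time-out, and how the share of never-completed handshakes can serve as a defender's signal. The backlog size, time-out, alert threshold and all event data are constructed assumptions.

```python
"""Toy model of a TCP listener's half-open (SYN received) backlog."""

BACKLOG_SIZE = 8     # assumed number of half-open slots
TIMEOUT_S = 3.0      # assumed time before an unanswered SYN/ACK is given up


def _client(ip, t):
    """Constructed client that completes the handshake 50 ms after its SYN."""
    return [(t, ip, "SYN"), (t + 0.05, ip, "ACK")]


# Constructed sample events (time_s, source, kind); documentation addresses,
# not captured traffic.
LEGIT = (_client("192.0.2.10", 0.0) + _client("192.0.2.11", 1.5)
         + _client("192.0.2.12", 2.0) + _client("192.0.2.13", 5.0))
# Twenty SYNs within 200 ms whose senders never return the final ACK.
UNANSWERED = [(1.0 + i * 0.01, f"198.51.100.{i}", "SYN") for i in range(20)]


def simulate(events, backlog_size=BACKLOG_SIZE, timeout=TIMEOUT_S):
    """Replay events; return counters describing what the listener saw."""
    half_open = {}                       # source -> time its SYN was accepted
    stats = {"established": 0, "timed_out": 0, "refused": [],
             "peak_half_open": 0}
    for now, src, kind in sorted(events):
        # "resources eventually freed through time out"
        for s in [s for s, t0 in half_open.items() if now - t0 >= timeout]:
            del half_open[s]
            stats["timed_out"] += 1
        if kind == "SYN" and src not in half_open:
            if len(half_open) >= backlog_size:
                stats["refused"].append(src)      # no slot left for this SYN
            else:
                half_open[src] = now     # SYN/ACK sent, state is now held
                stats["peak_half_open"] = max(stats["peak_half_open"],
                                              len(half_open))
        elif kind == "ACK" and src in half_open:
            del half_open[src]           # handshake complete, slot released
            stats["established"] += 1
    stats["pending"] = len(half_open)
    return stats


def incomplete_ratio(stats):
    """Share of accepted SYNs that never received the final ACK."""
    never_done = stats["timed_out"] + stats["pending"]
    accepted = never_done + stats["established"]
    return never_done / accepted if accepted else 0.0


def half_open_alert(stats, threshold=0.5):
    """Defender's check: most accepted handshakes were never completed."""
    return incomplete_ratio(stats) > threshold


if __name__ == "__main__":
    for name, trace in (("baseline", LEGIT), ("mixed", LEGIT + UNANSWERED)):
        st = simulate(trace)
        print(name, "established:", st["established"],
              "refused:", len(st["refused"]),
              "incomplete:", round(incomplete_ratio(st), 2),
              "alert:", half_open_alert(st))
```

In the mixed trace the two clients that arrive while the backlog is full are refused, and the client that arrives after the time-out is served again.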

• Principles
  • mis-uses the congestion avoidance mechanism of TCP
  • if severe congestion risk is recognized, TCP reduces congestion window to one packet and waits for a period of Retransmission Time Out (RTO), after which the packet is resent
  • further loss doubles RTO period
  • short outages (on adversary flow) at around RTT force TCP to timeout; all flows simultaneously enter the same state
  • when TCP attempts to exit timeout and enter slow-start
    • adversary creates another outage to force the flows synchronously back to timeout state
• Difficult to detect
  • recognizable: high-rate bursts on short time-scales
• And mitigate
  • randomized minRTO

Distributed DoS
• Single source DoS attack (rather) easily defended
  • does not mean we know who is the attacker
  • but we can stop her (usually)
• Distributed DoS
  • many sources of attack
  • each harmless by its own
  • their quantity is the problem
• Uses a (huge) set of attacking machines
  • under control of attacker: bots, zombies, ...
  • innocent (secondary victims)
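
For the low-rate TCP attack slide above ("recognizable: high-rate bursts on short time-scales"), an added detection sketch that is not part of the original slides: a coarse volume average hides the pattern, while looking at fine-grained bins for short, evenly spaced bursts exposes it. Bin width, capacity, thresholds and both traces are constructed assumptions.

```python
"""Detect periodic short bursts that a coarse volume average hides."""

BIN_S = 0.05          # assumed measurement bin: 50 ms
CAPACITY = 1000       # assumed link capacity per bin (arbitrary units)

# Constructed traces, 10 s each (200 bins); not captured traffic.
# PULSED: 5% background load plus a 100 ms full-rate burst every 1 s.
PULSED = [CAPACITY if i % 20 < 2 else 50 for i in range(200)]
# CROWD: one sustained 4 s surge at 90% load, as a flash crowd might look.
CROWD = [900 if 60 <= i < 140 else 50 for i in range(200)]


def coarse_peak(bins, capacity, group):
    """Highest utilisation seen when averaging over `group` bins at a time."""
    return max(sum(bins[i:i + group]) / (group * capacity)
               for i in range(0, len(bins), group))


def find_bursts(bins, capacity, frac=0.8):
    """Return (start_bin, length) for each run of bins at >= frac*capacity."""
    bursts, start = [], None
    for i, v in enumerate(bins + [0]):        # sentinel closes a final run
        hot = v >= frac * capacity
        if hot and start is None:
            start = i
        elif not hot and start is not None:
            bursts.append((start, i - start))
            start = None
    return bursts


def periodic_burst_alert(bins, bin_s, capacity, min_bursts=4,
                         max_burst_s=0.3, jitter=0.2):
    """Report short bursts that recur at a near-constant interval."""
    short = [b for b in find_bursts(bins, capacity)
             if b[1] * bin_s <= max_burst_s]
    if len(short) < min_bursts:
        return None                           # too few short bursts
    gaps = [b[0] - a[0] for a, b in zip(short, short[1:])]
    mean_gap = sum(gaps) / len(gaps)
    if max(gaps) - min(gaps) > jitter * mean_gap:
        return None                           # bursts are not periodic
    return {"bursts": len(short),
            "period_s": mean_gap * bin_s,
            "avg_util": sum(bins) / (len(bins) * capacity)}


if __name__ == "__main__":
    for name, trace in (("pulsed", PULSED), ("crowd", CROWD)):
        print(name,
              "1 s peak utilisation:", coarse_peak(trace, CAPACITY, 20),
              "periodic bursts:", periodic_burst_alert(trace, BIN_S, CAPACITY))
```

The pulsed trace never exceeds 14.5% utilisation on a one-second average, so a volume threshold stays silent, while the sustained surge is the opposite case: visible to a volume threshold and ignored by the burst check.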

• Attacker controls an army of slave machines
  • result of previous successful attacks
  • legitimate owners without knowledge
  • available "on demand"
• Synchronized overload of the victim
  • sending legitimate requests from many sources
  • victim unable to differentiate the requests
  • crash of many media servers on September 11th 2001 not by attack but too extensive interest
• Usually hierarchical to hide the attacker
  • attacker directly controls only first layer of machines, these used to control the second layer, not sending the data directly to the victim

• A smaller set of machines directly controlled by attackers
• Exploits "reflector" vulnerabilities of some network protocols
  • TCP SYN Flood
  • ICMP
• Attacker sends requests with forged victim's address
  • requests go to "secondary victims"—innocent machines not under attacker's control
• All responses from these secondary victims go to the primary victim → overload

Security Attacks on WSN
[Figure: Security Attacks on WSN. Labels: Node outage; Physical Attacks; Message Corruption; False Node; Node Replication Attacks; Passive Information Gathering; Attack against Privacy (Monitors Eavesdropping; Traffic Analysis; Camouflages Adversaries); Other attacks; Routing attacks (Spoofed, altered & replayed routing information; Selective Forwarding; Sinkhole; Sybil; Wormhole; HELLO Flood); Denial of Service; Node Subversion; Node Malfunction]

Sleep Deprivation
• Also called resource consumption attack
• Overload the victim node by requests
  • route discovery
  • packets forwarding
• Exhausts internal resources
  • battery drainage and puts the node off-line

Ad-hoc, mobile and vehicular networks
• Passive and active attack as in other network categories
• External attacks
  • nodes that do not belong to the network
• Internal attacks
  • hijacked nodes
• Basic attack scenarios:
  • black hole, wormhole, Byzantine, sleep deprivation

• Black hole attack
  • node reports route availability to targets
  • announces the shortest route
  • attracts traffic to the target node through itself
  • inspects all the packets
  • modifies, drops, delays them
• Wormhole attack
  • two cooperating malicious nodes
  • packets collected by one are sent directly to the other ("wormhole")
  • disrupts routing when also routing control messages are tunneled
  • could prevent a discovery of any other routes

Location disclosure
• Collects information about the topology and/or structure of the network
  • route maps
• Useful for future attacks
  • important in more regular ad hoc networks like the vehicular one
  • identities of communicating parties
• Dangerous in security sensitive scenarios
  • military MANETs

Specific VANET attacks
• Sybil attacks
• Bogus information
• Denial of Service
• Impersonation (masquerading)
• Alteration attack
• Replay attack
• Illusion attack

• Adversary deceives sensors in his own car to produce wrong sensor readings
  • car broadcasts false traffic warning messages
• Creates an illusion for other cars about the traffic event
• Drivers behaviour is modified
  • ultimate goal of the adversary
• Difficult to mitigate with traditional methods like trust schemes, message authentication, message integrity checks

Summary
• Provided basic classification for
  • failures and faults
  • threats
  • attacks
• for different kinds of network
  • Internet
  • sensor networks
  • ad hoc, mobile and vehicular networks
• Similarities and differences between specific networks discussed
  • random failures versus targeted use of faults
  • capacity limits
• Threats come from nature as well as from attackers
  • one issue is to properly distinguish these
  • to properly mitigate their impact
• Next lecture: Security architecture

Figs. 1 & 2 on slides 29 and 38 are taken from
• Padmavathi et al: A Survey of Attacks, Security Mechanisms and Challenges in WSN. IJCIS, vol. 4(1,2), 2009. http://arxiv.org/pdf/0909.0576.pdf