Faults and failures	
Network specific threats	
Attack types and attacker models	
Summary	
PA197 Secure Network Design 1. Faults, Threats, Attacks
Eva Hladká, Luděk Matýska Faculty of Informatics February 22, 2023
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Q Faults and failures
• Internet
• Ad-hoc, mobile and vehicular networks
• Sensor networks
Q Network specific threats
• Internet
• Sensor networks
• Ad-hoc, mobile and vehicular networks
Q Attack types and attacker models
• Internet
• Sensor networks
• Ad-hoc, mobile and vehicular networks Q Summary
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Faults and Failures
Internet
Ad-hoc, mobile and vehicular networks Sensor networks
All systems susceptible to failures
Failure resilience mandatory part of the design
• unfortunately not true for most commercial systems/networks today
• resilience goes with a cost
• not possible to build absolute resilience
Faults: some flaws in the system
o but sometimes left by design, e.g. just one router for a small network
Failures: emergent faults
• Random faults: occurrence unpredictable (probability)
• Induced (domino): e.g. link disconnection leads to higher service failure
• Malicious: results of attacks (usually use some (known) flaw)
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Ad-hoc, mobile and vehicular networks Sensor networks
• Physical
• components faults and failures
• hardware level, but includes immediate software components
e.g. active element operating system fault or failure
• Protocols
• software layer
• shortcomings (limits) of protocols
• bugs: incidental and malicious failures
• Applications
• software layer
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Selected failure examples
Internet
Ad-hoc, mobile and vehicular networks Sensor networks
• Topology failures
• Overload
• Integrity
o Software faults
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Topology failures
Internet
Ad-hoc, mobile and vehicular networks Sensor networks
• Cable failures
• terrestrial
• sub-marine
• Sub-marine cable threats
• fishing and anchoring 9 natural disasters
• earthquake 27th December 2006 damaged the cables near Taiwan, leading to disruption of Internet and telephone service in Asia Pacific region
• Hong Kong completely cut off
• theft
• March 2007, 11 km section of cable connecting Thailand, Vietnam, and Hong Kong removed
• Internet speed affected in Vietnam
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models Summary				Internet Ad-hoc, mobile and vehicular networks Sensor networks
To	pology failures			
• Routing problems
• link disconnection and/or node failure
o Router failures
• (D)DoS attacks
• software bugs
• example: too long BGP Autonomous Systems paths
• Recovery times:
• hundreds of milliseconds for intra-domain routing (e.g. OSPF)
• minutes for inter-domain routing (BGP)
• Pakistan "black hole" in 2008 after banning YouTube
• propagated through the mis-configuration to the whole world
• see e.g. https://www.cnet.com/news/ how-pakistan-knocked-youtube-offline-and-how-to-make-sure
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Overload failures
Internet
Ad-hoc, mobile and vehicular networks Sensor networks
• Result of limited capacity of network equipment
• congestion (flash/short/long term)
• TCP has congestion control
• however independent of routing
• simply slowing down instead of re-routing
• one of motivations for Software Defined Networks (SDN)
• Flash Crowds versus (D)DoS attacks
• how to distinguish unusually high but legitimate traffic from malicious traffic?
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models Summary	Internet Ad-hoc, mobile and vehicular networks Sensor networks
	
9 Bugs in software
• development phase
• buffer overflow most prominent example • Bugs in configuration
• deployment phase
• could have wide (global) effect
• Pakistan/YouTube, Google search, ...
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Ad-hoc, mobile and vehicular networks Sensor networks
• In some aspects similar to Internet
• the mobility introduces additional complexity/source of failures
• Hardware level
• component faults
• more fragile "active" elements
• frequent failure a property
• disconnection due to distance
o not possible to distinguish from a failure
• Protocols
• reliable routing problem
• link failure a property, not an exceptional event
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures
• Static nodes, but high probability of failure of any individual node
• Limited life span of a node
battery drainage
• Interference
9 Routing and transmission protocols
• redundancy versus energy conservation
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
Th reats—Overview
Physical installation threats
• hardware threats
• physical damage to the hardware and/or wires
• electrical threats
• electricity fluctuations (brownouts and spikes)
• electricity loss (blackouts)
• environments threats
• external conditions (temperature, electrostatic and magnetic interferences, humidity etc)
• disasters (flood, fire, ...)
• maintenance threats
• missing, incorrect or damaged spare parts
• incorrect or missing labeling of components and cables
• poor handling of components
• low quality of installation
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
Internet threats
• Phishing
• search ("fish") for personal details
• usually using e-mails or social networks
o Viruses and worms
• malicious software that arrives attached to another (benign) program or data (e.g. e-mail)
• replicates within the attacked computer
• worm actively tries to attack new systems over the network
• Spyware and adware
spyware collects information about users on Internet adware a special kind of spyware to help targeting advertisements (without user consent)
• Trojans
• malicious program like virus, but does not replicate itself
• Rogue security software
• attacks trust relationship
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
Internet Security Threat Report
• Symantec reports
• 2019: https://www.symantec.com/content/dam/ symantec/docs/reports/istr-24-2019-en.pdf
• 2017: https://www.websecurity.symantec.com/ security-topics/istr-2017-infographic
• Main categories
• mobile devices and Internet of things
• web threats
• formjacking and cryptojacking
• targeted attacks
• data breaches and privacy
• ransom ware
• election interference
• Statistics from 2019 report (Symantec bought by Broadcom)
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
CRYPTOJACKING
8M
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
NEW MALWARE VARIANTS (YEAR)
TOP NEW MALWARE VARIANTS (MONTH)
YEAR	NEW VARIANTS	PERCENT CHANGE
2016	357,019,453	0.5
2017	669,947,865	87.7
2018	246,002,762	-63.3
Emotet continued to aggressively expand its market share in 2018, accounting for 16 percent of financial Trojans, up from 4 percent in 2017.
35M
30M
25M
20M
15M
10M
5M
JAN FEB MAR        APR        MAY        JUN        JUL AUG        SEP OCT        NOV DEC
XM.Mailcab@mm
W32.Ramnit!html
Trojan.Kotver!gm2
Heur.AdvML.C
WS.Reputation.l
W32.Almanahe.B!inf
PUA.WASMcoinminer
Heur.AdvML.E
W32.Sality.AE
JS.Webcoinminer
^Symantec.
ISTR 24 I February 2019
Facts and Figures 32
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
While the overall number of mobile malware infections fell during 2018, there was a rapid increase in the number of ransomware infections on mobile devices, up by a third when compared to 2017. The U.S. was the worst affected by mobile ransomware, accounting for 63 percent of infections. It was followed by China (13 percent) and Germany (10 percent).
Managing mobile device security continues to present a challenge for organizations. During 2018, one in 36 devices used in organizations were classed as high risk. This included devices that were rooted or jail broken, along with devices that had a high degree of certainty that malware had been installed.
ONE IN
MOBILE DEVICES HAD HIGH RISKAPPS INSTALLED
33°
t
MOBILE RANSOMWARE INFECTIONS INCREASED FROM 2017
r
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
In 2018,1 in 10 URLs analyzed were identified as being malicious, up from 1 in 16 in 2017. Additionally, despite a drop off in exploit kit activity, overall web attacks on endpoints increased by 56 percent in 2018. By December, Symantec was blocking more than 1.3 million unique web attacks on end point machines every day.
Formjacking was one of the biggest cyber security trends of the year, with an average of 4,800 websites compromised with formjacking code every month in 2018. Formjacking is the use of malicious JavaScript code to steal payment card details and other information from payment forms on the checkout web pages of eCommerce sites, and in total Symantec blocked 3.7 million formjacking attempts on endpoint devices in 2018. More than a third of formjacking activity took place in the last quarter of 2018, with 1.36 million formjacking attempts blocked in that period alone.
FORMJACKING ACTIVITY
More than a third of the formjacking activity took place in the last quarter of 2018.
1,400,000
4th QTR
1,200,000
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
TARGETED ATTACKS
While the overall number of targeted attacks was down somewhat last year, the most active groups stepped up their activity, attacking an average of 55 organizations over the past three years, up from 42 between 2015 and 2017. Spear-phishing emails remained the most popular avenue for attack and were used by 65 percent of all known groups. The most likely reason for an organization to experience a targeted attack was intelligence gathering, which is the motive for 96 percent of groups.
Alongside the rise in popularity of living off the land tactics, the use of zero-day vulnerabilities declined in 2018, with only 23 percent of groups known to have exploited zero days, down from 27 percent in 2017. While still a niche area, the use of destructive malware continued to grow. Eight percent of groups were known to use destructive tools, a 25 percent increase over 2017.
ESPIONAGE INDICTMENTS BY U.S. AUTHORITIES
SPEAR PHISHING
INTELLIGENCE GATHERING
2015-2017: AVG 42 ORGS TARGETED PER GROUP (20 MOST ACTIVE GROUPS)
49
2016-2018: AVG 55 ORGS TARGETED PER GROUP (20 MOST ACTIVE GROUPS)
4-23%
Groups using
zero-day
vulnerabilities
T8%
Groups using
destructive
malware
NORTH KOREA
Eva Hladká, Luděk Matýska
PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
UNDERGROUND ECONOMY
ACCOUNTS
Restaurant gift cards 15-40% of value
Online retailer gift cards 15-50% of value
Online banking accounts (depending on value s verification) 0.5%-10% of value
Socks proxy account $0.10-2
Video and music streaming accounts $0.10-10
Cloud service account $5-10
Gaming platform account $0.50-12
Hacked email accounts (2,500) $1-15
VPN services $1-20
Hotel loyalty (reward program accounts with 100,000 points)
Various services (morethan 120« different accounts) $0.50-25
RDP login credentials $3-30
Retail shopping account $0.50-99
Online payment accounts (depending on value & verification)
IDENTITIES
Stolen or fake identity (name, SSN, and DOB)       | $0.10-1.50 Medical notes and prescriptions Mobile phone online account
Stolen medical records $0.10-35 ID/passport scans or templates Scanned documents (utility bin,etc.) (0.50-45 Full ID packages (name, address, phone, SSN, email, bank account, etc.)
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
UNDERGROUND ECONOMY
IDENTITIES (CONT.)
Fake health care ID cards
Parcel drop off box for deliveries Fake ID, driver license, passport, etc.
MONEY TRANSFER SERVICES
Cash redirector service for bank accounts .1-15% of value
Cash redirector service for online payment system 1-5% of value
Pay $100 in Bitcoin and get a money transfer of $1000 $100
Cash redirector service 5-20% of value
Office macro downloader generator DDoS bot software
Cryptocurrency stealer malware Cryptocurrency miner (e.g. uonero) Ransomware toolkit Common banking Trojans toolkit with support
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
UNDERGROUND ECONOMY
Airline ticket and hotel bookings 10% of value
Money laundering service {into cash or cryptocurrencies) 4-40%
Cash OUt service (bank account, ATM card, mdfakcID) $350
Hacker for hire $100+ Custom phishing page service
DDoS service, Short duration <1 hour (medium protected targets) DDoS service, duration >24h {medium and strong protected targets)
PAYMENT CARDS
Single credit card Single credit card with full details (fuiiz) Dump of magnetic strip track 1/2 data (e.g.from skimming)
SOCIAL MEDIA
100 likes on social media platforms 500 social media followers 100,000 social media video views
"hese prices ere taker ton publicly accessible i. rcercroirc mns and dark web TOR sites. Closed, private forums tend to bave even lower prices. We cannot verify if tbe goods are genuinely sold for tbe asked price, some oftbem migbt be fake offers
Eva Hladká', Luděk Matýska
:twork Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models Summary	Internet Sensor networks Ad-hoc, mobile and vehicular networks
Sensor networks	
• Major threats:
9 physical
• software
• Physical threats:
• interference battery drainage
• overtake of a node
• Security
• routing mis-information
• data loss
• data injection
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks Ad-hoc, mobile and vehicular network
• Ad hoc network
o a network build for a specific purpose
• no central base stations or access points
• each node sender/receiver
• peer to peer and multi=hop architecture
• Mobile ad hoc network (MANET)
• adds mobility to individual nodes
• Vehicular ad hoc network (VANET)
o specific version of MANET
• (semi)organized (i.e. not completely random) movement of nodes
• Roadside Units (RSU)
• immobile units
• two side communication with cars
• specific user interaction modes (drivers disturbance)
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models Summary					Internet Sensor networks Ad-hoc, mobile and vehicular networks
MAN	El	r Pro	perti	ies	
• Each node can communicate
• power constraints for nodes
• Communication is possible only between nodes "in range"
• the set of neighbours changes in time
• bandwidth usually limited
• Each node can retransmit a message
9 router capability
• multi-hop delivery
• General performance a function of cooperation between nodes
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models Summary				Internet Sensor networks Ad-hoc, mobile and vehicular networks
Security	probler	TI	IS	
• Open media
• easy to eavesdrop or interfere with
• Open routing protocol
• no security mechanism
9 Continuously changing topology
• easy hiding for an attacker
9 Relies on cooperation between devices
• malicious node can "divert" others
• Hijacked nodes
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
VAN ET specific problems
Privacy
• drivers identity
• unit identification (where are they moving) • Clear benefit for a malicious user
• divert traffic
• clear its own path
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Basic attack modes
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
9 Passive attacks
• not directly influencing the target systems
• monitoring the (unencrypted) traffic
• authentication information (passwords)
• other sensitive information
• result is access to information • Active attacks
• break into a target system
• bypass a security perimeter or break through it
• manipulate messages
• reply, modify, create, delete
• impersonation (identity theft), Man-in-the-middle attack o result is access to data, modification of data, DoS
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular network
Other attacks (Routing attacks
Denial of Service
Monitor & Eavesdropping
Traffic Analysis
Camouflages Adversaries
Fabrication
Spoofed, altered& replayed routing information
Selective Forwarding
Sinkhole
Sybil
Wormhole
HELLO Flood
Lack of cooperation
Node		Node
Subver		Malfun
sion		ction
Modifi cation
Node outage
Impersonation
Eavesdropping
False Node
Physical Attacks
Node
Replication Attacks
Passive
Information
Gathering
Message Corruption
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Sybil Attack
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
9 Attacker assumes several identities • defeat trust of a reputation system
• Used to hide the malicious node (e.g. car in VANET)
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
• Physical attacks
• targets the physical infrastructure
• immediately indistinguishable form hardware faults
• Internet service attacks
• Domain Name Service (DNS) 9 e-mail
• protocol vulnerabilities (e.g. TCP SYN attack)
• Man-in-the-middle attack
• DoS and DDoS attacks
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
Other types of attack
• Insider attack
• majority of attacks initiated from within the security perimeter o Close-in attack
• social engineering
• physical access/proximity to the network
• Phishing attack 9 Hijack attack
• takes over the network session
• Exploit attacks
• uses known security hole o Protocol attacks
• spoof attack
• buffer overflow
• Password attack
• cracking passwords: brute force and dictionary attack
• uses access to the file/database with passwords
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
TCP SYN Flood Attack
• Exploits "trust" in the the TCP 3-way handshake protocol
O client initiates connection with SYN packet
0 server acknowledges (SYN/ACK) and allocates resources
O client sends the final acknowledgment (ACK)
• What if client does not respond with ACK?
• victim allocates resources (memory)
• resources eventually freed through time out
• but in the meantime victim not able to serve legitimate requests
Simple Denial of Service attack
• Attacker does not use its own IP address
• why?
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models Summary					Internet Sensor networks Ad-hoc, mobile and vehicular networks
	Low Rate 1	rc	p	DoS	
• A paper of Kuzmanovic&Knightly: Low-Rate TCP-Targeted Denial of Service Attacks. SIG COMM 2003.
• Exploits TCP congestion control mechanism
• Retransmission time-out
• Exponentially reduce available bandwidth
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Low Rate TCP DoS II
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
• Pinciples
• mis-uses the congestion avoidance mechanism of TCP
9 if severe congestion risk is recognized, TCP reduces congestion window to one packet and waits for a period of Retransmission Time Out (RTO) after which the packets is resent
• further loss doubles RTO period
• short outages (on adversary flow) at around RTT force TCP to timeout; all flows simultaneously enter the same state
• when TCP attempts to exit timeout and enter slow-start
• adversary creates another outage to force the flows synchronously back to timeout state
• Difficult to detect
• recognizable: high-rate bursts on short time-scales o And mitigate
• randomized minRTO
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
o Single source DoS attack (rather) easily defended
• does not mean we know who is the attacker
• but we can stop her (usually)
• Distributed DoS
• many sources of attack
• each harmless by its own
• their quantity is the problem
• Uses a (huge) set of attacking machines
• under control of attacker: bots, zombies, . ..
• innocent (secondary victims)
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
Multiple Source DDoS Attack
9 Attacker controls an army of slave machines
• result of previous successful attacks
• legitimate owners without knowledge
• available "on demand"
• Synchronized overload of the victim
• sending legitimate requests from many sources
• victim unable to differentiate the requests
o crash of many media servers on September 11th 2001 not by attack but too extensive interest
o Usually hierarchical to hide the attacker
• attacker directly controls only first layer of machines, these used to control the second layer, not sending the data directly to the victim
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
DDoS Reflector Attack
o A smaller set of machines directly controlled by attackers • Exploits "reflector" vulnerabilities of some network protocols
• TCP SYN Flood
• ICMP
9 Attacker send requests with forged victim's address
• requests go to "secondary victims"—innocent machines not under attacker's control
o All responses from these secondary victims go to the primary victim—^overload
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
3 ecuritv Attacks onWSN
Node outage
Physical Attacks
Message Corruption
False Node
Node
Replication Attacks
Passive
Information
Gathering
Attack against Privacy
Other attacks (Routing attacks
Denial of Service
Node
Subversion
Node
Malfunction
Monitors Eavesdropping
Traffic Analysis
Camouflages Adversaries
Spoofed, altered& replayed routing information
Selective Forwarding
Sinkhole
Svbü
Wormhole
HELLO Flood
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models Summary				Internet Sensor networks Ad-hoc, mobile and vehicular networks
Slee	p De	privation		
Also called resource consumption attack Overload the victim node by requests
• route discovery
• packets forwarding
Exhausts internal resources battery drainage
and puts the node off-line
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks Ad-hoc, mobile and vehicular network
• Passive and active attack as in other network categories
• External attacks
• nodes that do not belong to the network
• Internal attacks
• hijacked nodes
o Basic attack scenarios:
• black hole, wormhole, Byzantine, sleep deprivation
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
• Black hole attack
• node reports route availability to targets
• announces the shortest route
• attracts traffic to the target node through itself
• inspects all the packets
• modifies, drops, delays them
• Wormhole attack
• two cooperating malicious nodes
• a packet collected by one are sent directly to the other ("wormhole")
• disrupts routing when also routing control messages are tunneled
o could prevent a discovery of any other routes
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models Summary			Internet Sensor networks Ad-hoc, mobile and vehicular networks
Locatioi	i disclosu	re	
• Collects information about the topology and/or structure of the network
• route maps
o Useful for future attacks
• important in more regular ad hoc networks like the vehicular one
• identities of communicating parties
• Dangerous in security sensitive scenarios
• military MANETs
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Specific VAN ET attacks
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
o Sybil attacks
• Bogus information o Denial of Service
o Impersonation (masquerading)
• Alteration attack
• Reply attack
• Illusion attack
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
Internet
Sensor networks
Ad-hoc, mobile and vehicular networks
9 Adversary deceives sensors in his own car to produce wrong sensor readings
• car broadcasts false traffic warning messages
9 Creates an illusion for other cars about the traffic event
• Drivers behaviour is modified
• ultimate goal of the adversary
• Difficult to mitigate with traditional methods like trust schemes, message authentication, message integrity checks
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
	Faults and failures
	Network specific threats
	Attack types and attacker models
	Summary
	
• Provided basic classification for
• failures and faults
• threats
• attacks
for different kinds of network Internet
• sensor networks
• ad hoc, mobile and vehicular networks
• Similarities and differences between specific networks discussed
• random failures versus targeted use of faults
• capacity limits
• Threats come from nature as well as from attackers
• one issue is to properly distinguish these
• to properly mitigate their impact
• Next lecture: Security architecture
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks
Faults and failures Network specific threats Attack types and attacker models
Summary
9 Figs.l&2 on slides 29 and 38 are taken from
• Pamavathi et al: A Survey of Attacks, Security Mechanisms and Challenges in WSN. IJCIS, vol.4(l,2), 2009 http://arxiv.org/pdf/0909.0576.pdf
Eva Hladká, Luděk Matýska PA197 Secure Network Design 1. Faults, Threats, Attacks