Ad Hoc Wireless Routing - UCF Department of EECS

Ad Hoc Wireless Routing - UCF Department of EECS

University of Central Florida CAP 6135: Malware and Software Vulnerability Spring 2012 Paper Presentation Dude, wheres that IP? Circumventing measurement-based IP geolocation Phillipa Gill, Yashar Ganjali, Bernard Wong, and David Lie

Presenter Ahmad Alzahrani Information about the Paper: Authors: Phillipa Gill and Yashar Ganjali Dept. of Computer Science, University of Toronto

David Lie Dept. of Electrical and Computer Engineering, University of Toronto Bernard Wong Dept. of Computer Science, Cornell University Presented at the 19th USENIX Security Symposium, on August 12, 2010 in San Jose, CA during the Internet Security session.

Background What is IP Geolocation? Introduction Applications benefit from IP Geolocation Online advertising Search engines Restrict access to online content Multimedia

Fraud Preventions Geolocation to locate VMs hosted by cloud provider Motivation Who has incentive to circumvent IP geolocation? Web clients:

Gain access to content Online payment fraud Cloud service Location-based SLAs - cloud providers. Paper Contributions Evaluation of two attacks. First to study measurement-based geolocation

of an adversary Studied two models of adversarial geolocation targets (end host & WAN) Background Measurement-based geolocation Delay-based geolocation (e.g. Constraint-based geolocation Gueye et al. )

Ping! Ping! Ping! courtesy Phillipa Measurement-based geolocation Delay-based geolocation (e.g. Constraint-based geolocation Gueye et al. )

Ping! Ping! Ping! Ping! courtesy Phillipa 12

courtesy Phillipa Topology-aware geolocation Assume no direct path to target. Locate also hops on the way. Takes into account circuitous network paths. Ping! Ping!

courtesy Phillipa Measurement-based geolocation Delay-based: Constraint-based geolocation (CBG) [Gueye et al] Accuracy: ~ 78-182 km

Topology-aware: Octant [Wong et al.] Delay between hops on path is considered Locate nodes along the path

Median accuracy: ~ 35-40 km Two Attacks have been studied: (1) Delay-adding attack Increase delay by time to travel the difference Challenge: how to map distance to delay? -

2 i 2 c 3 - Access to the map function.

L1 L3 g1 L2 g2

Forged location Two Attacks have been studied: (2) Hop-adding attack d 1

Landmark 1 Target d 2 Landmark 2 Two Attacks have been studied: (2) Hop-adding attack

Multiple network entry points Internal router (each connected to 3) Forged location courtesy Phillipa Evaluation

Are the attacks effective? What is the accuracy achieved by the attacker to mislead geolocation. Can the attacks be detected? Experiment1 (Delay-adding Attack) Collected measurements inputs using 50 PlanetLab nodes. Each node of the 50 takes turn as target. Each target moved to 50 forged locations.

Delay-adding Attack - Simulation Setup Delay-adding attack (Detectability?) Delay-adding attack (How accurate?) 700 M/ KM NYC-SFO

22 Hop-Adding Attack - Simulation Setup -Targets : 80 nodes (50 in US and 30 in EU) -Forget Locations : 11 inside above WAN (4 Gateways, 15 Internal Routers) Hop-adding attack (Detectability?)

Hop-adding attack (How accurate?) Best-case(delay adding attack) Hop adding attack 25 Recap

Simple Attacker Sophisticated Attacker Delay-based Attack

1 1 Topology-aware Attack 1

2 1 Detectable using region size, accuracy depends on distance to forged location. 2 High Accuracy and difficult to detect. Conclusion Measurement-Based Geolocation algorithms are susceptible to delay-based and topology

measurements. Two models of adversaries have been considered. Two attacks have been developed and evaluated. The more advanced and accurate algorithm is more susceptible to tampering Possible Extensions Develop secure measurement protocol to reduce ability of attackers to change measurements .

Provide real-world results of the proposed attacks to study the effect of network congestion state on accuracy. Qs & As

Recently Viewed Presentations

  • QECO/COEQ The Qualifications Evaluation Council of Ontario ...

    QECO/COEQ The Qualifications Evaluation Council of Ontario ...

    QECO serves Teachers….and works to obtain the highest possible category for each one. ... Review pay stubs to ensure they are in the correct QECO category. Contact QECO and request quickest routes to next category. Pay attention to employer deadlines....
  • Benchmarking

    Benchmarking

    Design compilation methods and procedures. Consider relationship to sources and methods used in AGDP. Decide scope of QGDP. Determine compilation level. Choose integrated or separate AGDP-QGDP compilation system. Make compilation schedule including timeliness of first release and revision policy. Review...
  • PersonalChefOffice.com

    PersonalChefOffice.com

    Search a Recipe. In the left menu click My Recipes > Recipe Search. If you check "include shared recipes" check box, system will also include shared recipes in search. A Shared Recipe is a chef's recipe which is contributed in...
  • COPD

    COPD

    Cruddas Park Surgery Denton Park Health Centre Denton Turret Surgery Dilston Medical Centre Fenham Hall Surgery Holmeside Medical Group Newburn Surgery Parkway Medical Group Ponteland Rd Health Centre Prospect Medical Group Scotswood Surgery Throckley Primary Care Centre West Rd Medical...
  • Accounting Standard (AS) - 3

    Accounting Standard (AS) - 3

    The need for inclusion of cash summary was therefore recognised. Cash Flow - Dr. varadraj Bapat, IIT Mumbai * Meaning The summary of cash transactions (receipts and payments) during an accounting period is called Cash Flow Statement. The transactions are...
  • Just Like Josh Gibson - Jefferson County Public Schools

    Just Like Josh Gibson - Jefferson County Public Schools

    Just Like Josh Gibson Second Grade Reading Unit 6 - Story 1 Vocabulary Words field cheers threw sailed plate bases soar forties Louisville slugger field A piece of land used for some special purpose. cheers Calls out or yells loudly...
  • Analysis of Shifts in Students Reasoning Regarding Electric

    Analysis of Shifts in Students Reasoning Regarding Electric

    Analysis of Shifts in Students' Reasoning Regarding Electric Field and Potential Concepts David E. Meltzer Department of Physics University of Washington
  • The Reproductive System of a Mare - Texas A&M University

    The Reproductive System of a Mare - Texas A&M University

    The Reproductive System of a Mare Livestock Production, Equine Science, Advanced Animal Science Introduction to the Estrous Cycle The recurring reproductive cycle in many female mammals, including estrus, ovulation, and changes in the uterine lining.