IA&S TP2.1.1, Yong Guan, et al., Texas A&M U.
Camouflaging network traffic at right time and right place
Y. Guan, X. Fu, R. Bettati and W. Zhao
Department of Computer Science
Texas A&M University
http://www.cs.tamu.edu/research/realtime
June 6, 2000
Title:
Efficient Traffic Camouflaging in Mission Critical QoS guaranteed Networks
Motivations
It is often thought that communication may be secured by encrypting the
traffic, but this has rarely been adequate in practice.
• Encryption makes cryptanalysis very difficult, if not impossible.
– E.g., IPsec makes the content of the traffic inaccessible.
– 85% of the IP traffic will be encrypted in the near future (VPN, SSL, etc.).
• An encrypted email message between a customer service center and an
ordinary user is not under suspicion; however, one between an employee of a
defense contractor and the embassy of a hostile power has obvious implications.
• Changes in the traffic pattern between a military command center and some
military units under different alertness states often reveal meaningful
information to observers.
Traffic analysis can still be used to trace a user's on-line/off-line periods,
uncover the location of a military command center, determine the operation
mode or alertness state of military units, and analyze the intentions behind
communications.
Mission Critical Environment
• Applications
– Flight Control System
– Supervisory Command and Control of defense systems
– HiPer-D system (NSWC)
– ...
• Security
• Quality of Service
Objectives
• Keep the network traffic pattern unobservable
• Provide QoS-guaranteed communication services
• Be upward and downward compatible with existing operating systems,
applications, and network technologies
• Be scalable and evolutionary
Basic Model
Features of an IP-based network
• Packet headers are readable by an observer.
• The underlying routing subsystem determines a unique path between any pair
of hosts.
Basic theorem:
If the traffic entering into and exiting from each host is stable, all the
traffic in the system is stable.
Fig. 1 Network Topology (Hosts 1-4 connected through Routers A-D)
Fig. 2 Fully Connected Directed Graph (Hosts 1-4)
Example
Existing Traffic Pattern Matrix
The existing traffic pattern among the hosts (matrix A, in MB/sec) is:

          Host 1   Host 2   Host 3   Host 4
Host 1    0        3        2        3
Host 2    0        0        0        3
Host 3    3        3        0        3
Host 4    3        3        2        0

Stable Traffic Pattern Matrix
The stable traffic pattern among the hosts (matrix B, in MB/sec) is:

          Host 1   Host 2   Host 3   Host 4
Host 1    0        3        3        3
Host 2    3        0        3        3
Host 3    3        3        0        3
Host 4    3        3        3        0

Manipulation
New connection (H3 to H2), 5 MB/sec. The new demand is decomposed into three
parts so that the observable pattern remains the stable matrix B:
• Direct: the portion sent straight from H3 to H2.
• Host-based rerouting: the remainder relayed through other hosts (H1 and H4).
• Padding: dummy traffic filling each link up to its entry in B.
In matrix form: A + (direct) + (rerouting) + (padding) = B.
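The decomposition above as an added, runnable example (not code from the slides or from NetCamo): a new demand is carried directly up to the headroom left under B, the remainder is relayed through intermediate hosts with headroom on both hops, and the padding matrix C = B - load fills every link up to the stable rate. The matrices are constructed for illustration (rows = source host, columns = destination host, H1..H4 = indices 0..3) and are chosen so that the slide's 3 + 1 + 1 MB/sec split of the H3-to-H2 connection falls out; a fully connected host graph (Fig. 2) and A ≤ B entrywise are assumed.

```python
"""Plan a new connection as direct + host-based rerouted flows, then pad to B."""
from copy import deepcopy

# Constructed sample (not the slide's exact matrices): rows = source host,
# columns = destination host, MB/sec; H1..H4 are indices 0..3.
A = [[0, 0, 3, 3],
     [3, 0, 3, 3],
     [2, 0, 0, 2],
     [3, 2, 3, 0]]
# Stable traffic pattern matrix B: every ordered host pair shows 3 MB/sec.
B = [[0 if i == j else 3 for j in range(4)] for i in range(4)]


def plan_connection(A, B, src, dst, rate):
    """Return (load, flows) for a new src->dst demand, or None if no plan
    keeps every link at or below B (constraint (2)). load is A plus the new
    per-link flows; flows maps (u, v) to the MB/sec added on link u->v."""
    load, flows = deepcopy(A), {}

    def spare(u, v):                      # headroom left on link u->v under B
        return B[u][v] - load[u][v]

    def add(u, v, amount):                # record a flow (zero is ignored)
        if amount > 0:
            load[u][v] += amount
            flows[(u, v)] = flows.get((u, v), 0) + amount

    remaining = rate
    direct = min(remaining, spare(src, dst))   # direct delivery first
    add(src, dst, direct)
    remaining -= direct
    # Host-based rerouting: relay through hosts with headroom on both hops
    # (the slide's H3->H1->H2 and H3->H4->H2 relays).
    for k in range(len(A)):
        if k in (src, dst) or remaining == 0:
            continue
        via = min(remaining, spare(src, k), spare(k, dst))
        add(src, k, via)
        add(k, dst, via)
        remaining -= via
    return None if remaining > 0 else (load, flows)


def padding_matrix(load, B):
    """Padding C = B - load per link, so that load + C = B (constraint (1))."""
    C = [[B[i][j] - load[i][j] for j in range(len(B))] for i in range(len(B))]
    if any(c < 0 for row in C for c in row):
        raise ValueError("link load exceeds the stable traffic matrix B")
    return C
```

A demand larger than the total headroom (here 6 MB/sec from H3 to H2) cannot be hidden under B and the planner returns None rather than a plan that would change the observable pattern.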
Traffic Padding
Flooding the network at the right place and right time to make it appear to be
a constant-rate network.
Challenge: How much?
For link j,
$$\sum_i F_{i,j}(I) + S_j(I) = C(I)$$
Traffic Rerouting
Indirect delivery of packets
Challenge: How to reroute the traffic?
Real Traffic: 5 MB/sec from H3 to H2
Fig.: the 5 MB/sec H3-to-H2 traffic is split over three paths labelled
3 MB/sec (direct), 1 MB/sec (via H1) and 1 MB/sec (via H4).
QoS guarantee
Traffic Padding and Rerouting
Challenge: Can we still guarantee the real-time delay bound?
For connection j,
$$\sum_i d_{i,j} < D_j$$
Approaches
• Traffic camouflaging: host-based rerouting and traffic padding based on
real-time traffic modeling theory.
• Real-time communication: providing end-to-end delay-guaranteed services to
applications while having the traffic camouflaged.
• A middleware solution: achieving effectiveness, compatibility, and
scalability.
Traffic Planning: Correctness Constraints
• Stabilization Constraints
$$\sum_{1 \le u,v \le n} f^{uv}_{ij} + c_{ij} = b_{ij}, \quad (1)$$
or
$$\sum_{1 \le u,v \le n} f^{uv}_{ij} \le b_{ij}, \quad (2)$$
where $0 \le c_{ij} \le b_{ij}$, $0 \le f^{uv}_{ij} \le b_{ij}$, $f^{uv}_{ij}$ is
the flow of the traffic from host $u$ to host $v$ carried on link $(i,j)$,
$c_{ij}$ is the padding on that link, and $b_{ij}$ is an element of the stable
traffic matrix B, for $1 \le i, j \le n$.
• Link Capacity Constraints
$$\sum_{j=1}^{n} b_{ij} \le \text{the capacity of the output link from host } i, \quad (3)$$
$$\sum_{i=1}^{n} b_{ij} \le \text{the capacity of the input link into host } j. \quad (4)$$
These conditions make sure that no bandwidth capacities are exceeded.
Traffic Planning: Correctness Constraints (cont.)
• Conservation Constraints
For each node $v \ne i, j$,
$$\sum_{(u,v) \in E} f^{ij}_{uv} - \sum_{(v,u) \in E} f^{ij}_{vu} = 0. \quad (5)$$
For node $v = i$, where host $i$ is the source of the traffic,
$$\sum_{(v,u) \in E} f^{ij}_{vu} = a_{ij}. \quad (6)$$
For node $v = j$, where host $j$ is the destination of the traffic,
$$\sum_{(u,v) \in E} f^{ij}_{uv} = a_{ij}. \quad (7)$$
• Delay Constraints
$$d^{WC}_{ij} \le DL_{ij} \quad (8)$$
for all the traffic flows in the real demand traffic matrix.
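An added checker (example code, not part of the slides or of NetCamo) that evaluates a traffic plan against constraints (1)-(7) in the notation above: per-demand, per-link flow variables f^{ij}_{uv}, the real demand matrix A, the stable matrix B, and per-host link capacities. The sample plan is constructed to encode the rerouting slide's split of a 5 MB/sec H3-to-H2 demand (3 MB/sec direct, 1 via H1, 1 via H4) on a fully connected 4-host graph; the delay constraint (8) is not evaluated because the slides give no delay model.

```python
"""Check a traffic plan against the NetCamo correctness constraints (1)-(7)."""
from collections import defaultdict

# Constructed 4-host sample (indices 0..3 = H1..H4, MB/sec), not the slide's data.
N = 4
B = [[0 if i == j else 3 for j in range(N)] for i in range(N)]   # stable matrix
A = [[0] * N for _ in range(N)]                                   # real demands
A[2][1], A[2][0], A[3][1] = 5, 2, 2
# FLOWS[(i, j)][(u, v)] = f^{ij}_{uv}: MB/sec of demand i->j carried on link u->v.
# The 5 MB/sec H3->H2 demand goes 3 direct, 1 via H1 and 1 via H4.
FLOWS = {(2, 1): {(2, 1): 3, (2, 0): 1, (0, 1): 1, (2, 3): 1, (3, 1): 1},
         (2, 0): {(2, 0): 2},
         (3, 1): {(3, 1): 2}}
OUT_CAP = IN_CAP = [9] * N          # per-host link capacities for (3) and (4)


def check_plan(n, A, B, flows, out_cap, in_cap):
    """Return the list of violated constraints (empty means the plan is correct).
    Padding c_uv is taken as b_uv minus the aggregate flow on link u->v, so (1)
    holds exactly when that aggregate does not exceed b_uv, i.e. when (2) holds."""
    bad = []
    load = defaultdict(int)                     # aggregate flow per link
    demands = {(i, j) for i in range(n) for j in range(n) if A[i][j]} | set(flows)
    for i, j in sorted(demands):
        out_of, into = defaultdict(int), defaultdict(int)
        for (u, v), f in flows.get((i, j), {}).items():
            if u == v or not 0 <= f <= B[u][v]:
                bad.append(f"flow bound on f^{i}{j}_{u}{v}")
            load[(u, v)] += f
            out_of[u] += f
            into[v] += f
        if out_of[i] != A[i][j]:                # (6): source emits a_ij
            bad.append(f"(6) source of demand {i}->{j}")
        if into[j] != A[i][j]:                  # (7): destination absorbs a_ij
            bad.append(f"(7) destination of demand {i}->{j}")
        for v in range(n):                      # (5): relays forward what they get
            if v not in (i, j) and into[v] != out_of[v]:
                bad.append(f"(5) conservation at node {v} for demand {i}->{j}")
    for u in range(n):
        for v in range(n):
            if u != v and load[(u, v)] > B[u][v]:
                bad.append(f"(1)/(2) stabilization on link {u}->{v}")
        if sum(B[u]) > out_cap[u]:              # (3): row sum vs output link
            bad.append(f"(3) output capacity of host {u}")
        if sum(B[i][u] for i in range(n)) > in_cap[u]:   # (4): column sum
            bad.append(f"(4) input capacity of host {u}")
    return bad
```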
Extensions
• Scalability
– Hierarchical Model: Intra-domain and Inter-domain (Domain 1, Domain 2,
Domain 3)
• Easy deployment
– Appliance-based method
NetCamo System Architecture
Fig.: NetCamo System Architecture, showing these components: Client
Applications on the hosts, an API, the NetCamo Host Controller (Host Manager,
Host Agent), Router Agents on the routers, the NetCamo Network Controller
(NetCamo Traffic Manager, Network Traffic Controller), and the Traffic
Controller.
NetCamo Traffic Planner
NetCamo Traffic Controller
Status
April 2000: Pre-release version
* Support both CBR and VBR traffic
* Support a fixed cover mode
* Support a fixed sensor period for traffic padding
* Support real-time monitoring
August 2000: β version
* Support multiple cover modes
* Support an adaptive sensor period for traffic padding
* Support a semi-automatic traffic modeling tool
* Provide installation and maintenance services
August 2000: Integration with HiPer-D system (NSWC)
Network Camouflaging & QoS-guaranteed Service
• Camouflage network elements and activity (wired and wireless)
  – Host, router and switch
    • Location
    • Liveliness
    • Movement traces
  – Connectivity
    • Connection
    • VPN tunnel
  – Topology
  – Traffic pattern
• QoS guaranteed
  – Deterministic QoS service
  – Statistical QoS service
Camouflaging, Concealment, and Decoy in Cyber Space
Table (rows: means; columns: what is camouflaged):
Means: Hide, Blend, Disguising, Disrupting, Decoy
Columns: Packet, Conn., Traffic, Router, Topology, Op Mode
Techniques entered in the table: Encryption, Flooding, Re-routing, Neutral
mode, Multiple cover modes; several cells are marked "?" (open).
Summary
• The current NetCamo system is the first step!
• We achieve our goal in a controlled way such that traffic analysis
prevention and QoS-guaranteed service are obtained at the same time.
• We are working in this new research field, whose essence lies in hiding
and camouflaging information about the network in order to make it
anonymous and unobservable.
A new field! Much work to be done!