surveillance & anonymity · pages.cs.wisc.edu/~ace/media/lectures/surveillance.pdf


cs642

surveillance & anonymity

adam everspaugh ace@cs.wisc.edu

computer security

today: Internet-wide scanning, zmap

Massive surveillance, packet inspection

Anonymous browsing, TOR

TCP handshake

Client -> Server: SYN (seqC, 0)

Server -> Client: SYN/ACK (seqS, seqC+1)

Client -> Server: ACK (seqC+1, seqS+1)

SYN = syn flag set; ACK = ack flag set; (x, y): x is sequence #, y is acknowledge #

TCP connection established

mass scanning

What if we want to scan the "whole internet"?

Why? Find all the unsecured webcams [shodan.io]; find all the broken webservers

How would we do this? nmap -p 443 0.0.0.0/32; IPv4: 32 bits, minus 14% IANA reserved addresses

How long would this take? Assume mean round-trip time = 100ms

think-pair-share

zmap

[zmap, Durumeric et al.]

ZMap paper: 1300x faster than nmap. How?

fast scanning

Client sends SYN, SYN, SYN, SYN, ... back to back

Responses come back as SYN/ACK, SYN/ACK, SYN/ACK, ... -> record responses; RST, RST, RST

zmap ordering

[diagram: addresses a0, a1, a2, ..., a9, e.g. 1.1.1.1, 1.1.1.2, 1.1.1.3]

Can't scan at high speed in order. Why?

ZMap uses a permutation over the address space

Random ordering, but don't have to track list of scanned addresses
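The slides above say ZMap scans in a random order without keeping a list of scanned addresses. The following added example (written for this page; not code from the lecture or from ZMap itself) shows the technique the ZMap paper describes: walk the multiplicative group of integers modulo a prime p just larger than the address space using a random generator g, so every address comes out exactly once and the only state is (p, g, current element). It runs over a small constructed index space and sends no packets; the 10.0.0.0 demo block and the helper names are assumptions for the demo. ZMap uses p = 2^32 + 15 for the full IPv4 space; the trial-division helpers here are fine for demo sizes.

```python
import random


def next_prime(n):
    """Smallest prime strictly greater than n (trial division; fine for demo sizes)."""
    c = n + 1
    while True:
        if all(c % d for d in range(2, int(c ** 0.5) + 1)):
            return c
        c += 1


def prime_factors(n):
    """Distinct prime factors of n (trial division)."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors


def is_generator(g, p):
    """g generates the whole multiplicative group mod prime p iff
    g^((p-1)/q) != 1 (mod p) for every prime q dividing p-1."""
    return all(pow(g, (p - 1) // q, p) != 1 for q in prime_factors(p - 1))


def address_permutation(n_addrs, seed):
    """Yield each index 0..n_addrs-1 exactly once in pseudo-random order.
    State is just (p, g, x): no set of visited addresses is kept."""
    p = next_prime(n_addrs)            # index i corresponds to group element i+1
    rng = random.Random(seed)
    g = rng.randrange(2, p)            # pick a random generator of the group
    while not is_generator(g, p):
        g = rng.randrange(2, p)
    x = rng.randrange(1, p)            # random starting element
    for _ in range(p - 1):             # x * g^k, k = 0..p-2, visits every element once
        if x <= n_addrs:               # elements above n_addrs map to no address: skip
            yield x - 1
        x = x * g % p


def index_to_ip(i, base="10.0.0.0"):
    """Map an index to an address in a constructed demo block (assumption: the
    block base is 10.0.0.0; a real scan covers the routable IPv4 space)."""
    a, b, c, d = (int(o) for o in base.split("."))
    n = ((a << 24) | (b << 16) | (c << 8) | d) + i
    return ".".join(str((n >> s) & 255) for s in (24, 16, 8, 0))


if __name__ == "__main__":
    order = list(address_permutation(1000, seed=7))
    print("first ten:", [index_to_ip(i) for i in order[:10]])
    print("every index exactly once:", sorted(order) == list(range(1000)))
```

Because g is a generator, multiplying the current element by g steps through all of 1..p-1 before repeating, which is why the scanner needs no visited set; the few elements above n_addrs are simply skipped.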

dual EC

Investigating "rigged" random number generator (RNG) called "dual elliptic curve" (dual EC) RNG

… that could be used in setting up TLS connections

Q: How many web servers support this RNG in real life?

Scanned IPv4 with ZMap: 39M servers responding on port 443; took 48 hours from CSL@UW

Probed each web server with instrumented OpenSSL client (recorded TLS handshake): 22M TLS (half-)handshakes; took 4 weeks

[On the Practical Exploitability of Dual-EC, Checkoway et al.]

AT&T Wiretap case

• Mark Klein discloses potential wiretapping activities by NSA at San Francisco AT&T office

• Fiber optic splitter on major trunk line for Internet communications

– Electronic voice and data communications copied to "secret room"

– Narus STA 6400 device

Interception technology

• From Narus website [http://narus.com/index.php/product/narusinsight-intercept]

– "Target by phone number, URI, email account, username, keyword, protocol, application and more", "Service- and network agnostic", "IPV6 ready"

– Collects at wire speeds beyond 10Gbps

Wiretap surveillance

[diagram: other major backbones and the AT&T network meet at MAE-West (Metropolitan Area Exchange, West), where the interception gear sits]

Large amounts of Internet traffic cross relatively few key points

Types of packet inspection

IP datagram: IP header | TCP header | Appl header | user data

Internet service providers need only look at IP headers to perform routing

Shallow packet inspection investigates lower level headers such as TCP/UDP

Deep packet inspection (DPI) analyzes application headers and data

Which inspection is most powerful? What are the technology challenges?

Intrusion Detection Systems (IDS)

[diagram: Internet -> outer firewall -> web server -> inner firewall -> customer databases, with an IDS watching the traffic]

What can an IDS do that a router cannot? Store information for forensics; match known attack patterns (malware, XSS, SQL injection)
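To make the three inspection depths and the IDS point concrete, here is an added example (constructed for this page, not from the lecture): it builds two IPv4/TCP datagrams by hand, one carrying cleartext HTTP and one carrying a TLS application-data record, then shows what a router, shallow inspection, DPI and a signature-matching IDS can each read. Addresses, ports, the tiny signature set and the TLS record bytes are made up; checksums are left zero because nothing is sent on the wire.

```python
import struct


def ip_to_bytes(ip):
    return bytes(int(o) for o in ip.split("."))


def bytes_to_ip(b):
    return ".".join(str(x) for x in b)


def build_packet(src_ip, dst_ip, src_port, dst_port, payload):
    """Constructed IPv4 + TCP datagram (no options; checksums left zero since
    nothing is transmitted). TCP flags 0x18 = PSH|ACK, as on a data segment."""
    total_len = 20 + 20 + len(payload)
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, 6, 0,
                         ip_to_bytes(src_ip), ip_to_bytes(dst_ip))
    tcp_hdr = struct.pack("!HHIIBBHHH", src_port, dst_port, 0, 0, 5 << 4, 0x18,
                          65535, 0, 0)
    return ip_hdr + tcp_hdr + payload


def shallow_inspect(pkt):
    """IP header only: everything a router needs to forward the datagram."""
    ver_ihl, _, _, _, _, ttl, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    return {"src": bytes_to_ip(src), "dst": bytes_to_ip(dst), "proto": proto,
            "ttl": ttl, "ihl": (ver_ihl & 0x0F) * 4}


def transport_inspect(pkt):
    """Shallow packet inspection: also read the TCP header (ports, flags)."""
    ihl = shallow_inspect(pkt)["ihl"]
    sport, dport, _seq, _ack, off, flags = struct.unpack("!HHIIBB", pkt[ihl:ihl + 14])
    return {"sport": sport, "dport": dport, "flags": flags,
            "payload_offset": ihl + (off >> 4) * 4}


def deep_inspect(pkt):
    """DPI: read the application header and data. Cleartext HTTP gives up the
    request line and Host; a TLS record gives only its 5-byte record header."""
    payload = pkt[transport_inspect(pkt)["payload_offset"]:]
    if payload[:1] == b"\x17" and payload[1:3] in (b"\x03\x01", b"\x03\x02", b"\x03\x03"):
        return {"app": "tls-application-data", "length": struct.unpack("!H", payload[3:5])[0]}
    try:
        text = payload.decode("ascii")
    except UnicodeDecodeError:
        return {"app": "unknown"}
    lines = text.split("\r\n")
    host = next((ln.split(":", 1)[1].strip() for ln in lines if ln.lower().startswith("host:")), None)
    return {"app": "http", "request": lines[0], "host": host}


# Constructed, deliberately tiny signature set: the IDS point is pattern matching
# on payload bytes, which a router never looks at.
IDS_SIGNATURES = {"xss": b"<script", "sqli": b"' or 1=1"}


def ids_match(pkt):
    """Names of signatures found in the payload (case-insensitive)."""
    payload = pkt[transport_inspect(pkt)["payload_offset"]:].lower()
    return sorted(name for name, sig in IDS_SIGNATURES.items() if sig in payload)


if __name__ == "__main__":
    http = build_packet("1.2.3.4", "5.6.7.8", 51234, 80,
                        b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n")
    tls = build_packet("1.2.3.4", "5.6.7.8", 51235, 443, b"\x17\x03\x03\x00\x10" + bytes(16))
    for name, pkt in (("http", http), ("tls", tls)):
        print(name, shallow_inspect(pkt), transport_inspect(pkt)["dport"],
              deep_inspect(pkt), ids_match(pkt))
```

Run side by side, the two packets show what the next slides ask about: with TLS the router and shallow inspector still see 1.2.3.4 talking to 5.6.7.8 on port 443, while DPI and the IDS get only an opaque record length instead of the request line, Host header and any matchable payload.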

Preventing intercept

• End-to-end encryption (TLS, SSH)

• What does this protect? What does it leak?

• What can go wrong?

[diagram: other major backbone, AT&T network, interception gear; IP: 1.2.3.4 talking to IP: 5.6.7.8]

think-pair-share

End-run around HTTPS

• HTTPS terminated at edge of Google networks

• Internal datacenter-to-datacenter communications on privately leased lines

Hiding connectivity is harder

• IP addresses are required to route communication, yet not encrypted by normal end-to-end encryption

– 1.2.3.4 talked to 5.6.7.8 over HTTPS

• How can we hide connectivity information?

Tor (The Onion Router)

[diagram: other major backbones, AT&T network, interception gear; client IP: 1.2.3.4, destination IP: 5.6.7.8; Tor nodes 7.8.9.1, 8.9.1.1, 9.1.1.2]

Client -> 7.8.9.1 -> 8.9.1.1 -> 9.1.1.2 -> Destination. Called a circuit

Encrypted to 7.8.9.1: Src: 7.8.9.1, Dest: 8.9.1.1, containing

  Encrypted to 8.9.1.1: Src: 8.9.1.1, Dest: 9.1.1.2, containing

    Encrypted to 9.1.1.2: HTTP packet, Src: 9.1.1.2, Dest: 5.6.7.8

Onion routing: the basic idea

Tor implements more complex version of this basic idea

What does adversary see?

[diagram: same circuit; the interception gear on the AT&T network sees the HTTP packet leaving the exit node with Src: 9.1.1.2, Dest: 5.6.7.8]

Tor obfuscates who talked to whom; need end-to-end encryption (e.g., HTTPS) to protect payload
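As an added example of the onion diagrams above (written for this page, not Tor's own code), this block wraps an HTTP request in three encryption layers for the relays 7.8.9.1, 8.9.1.1 and 9.1.1.2, peels them in order, and records what each relay could see: only its previous and next hop. The exit's output matches the slide, Src 9.1.1.2 to Dest 5.6.7.8, with the payload in the clear unless the client also used HTTPS. The relay keys and the HMAC-SHA256 stream cipher are demo stand-ins (Tor negotiates a key with each relay during circuit building and uses AES); the real protocol also has fixed-size cells and integrity checks, which are omitted here.

```python
import hashlib
import hmac
import os

ADDR_LEN = 16    # fixed-width next-hop field so a relay knows where the address ends
NONCE_LEN = 16


def keystream(key, nonce, n):
    """Toy stream cipher: HMAC-SHA256 in counter mode. Stand-in for Tor's real
    cipher; confidentiality only, no integrity protection."""
    out = bytearray()
    ctr = 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:n])


def encrypt(key, plaintext):
    nonce = os.urandom(NONCE_LEN)
    return nonce + bytes(a ^ b for a, b in zip(plaintext, keystream(key, nonce, len(plaintext))))


def decrypt(key, ciphertext):
    nonce, body = ciphertext[:NONCE_LEN], ciphertext[NONCE_LEN:]
    return bytes(a ^ b for a, b in zip(body, keystream(key, nonce, len(body))))


def pack_addr(addr):
    return addr.encode().ljust(ADDR_LEN, b"\0")


def unpack_addr(field):
    return field.rstrip(b"\0").decode()


def build_onion(circuit, destination, payload):
    """Wrap payload in one layer per relay, innermost (exit) first. A relay that
    decrypts its layer learns only the next hop and the still-encrypted remainder.
    circuit: list of (relay_addr, key) ordered client -> exit."""
    inner, next_hop = payload, destination
    for addr, key in reversed(circuit):
        inner = encrypt(key, pack_addr(next_hop) + inner)
        next_hop = addr
    return next_hop, inner             # (first hop, onion to send to it)


def relay(key, onion):
    """One relay's work: peel its layer, read the next hop, pass the rest along."""
    plain = decrypt(key, onion)
    return unpack_addr(plain[:ADDR_LEN]), plain[ADDR_LEN:]


def run_circuit(client, circuit, destination, payload):
    """Simulate forwarding hop by hop; return what each relay saw (previous and
    next hop only) and what finally leaves the exit."""
    next_hop, onion = build_onion(circuit, destination, payload)
    prev, views = client, []
    for addr, key in circuit:
        assert next_hop == addr         # the onion arrived at the relay it was built for
        next_hop, onion = relay(key, onion)
        views.append({"relay": addr, "from": prev, "to": next_hop})
        prev = addr
    return views, (next_hop, onion)


# Constructed demo circuit using the slide's addresses. The keys are made up here;
# in Tor each comes from the circuit-building handshake with that relay.
CLIENT, DESTINATION = "1.2.3.4", "5.6.7.8"
CIRCUIT = [(a, hashlib.sha256(b"demo-key-" + a.encode()).digest())
           for a in ("7.8.9.1", "8.9.1.1", "9.1.1.2")]

if __name__ == "__main__":
    views, (dest, data) = run_circuit(CLIENT, CIRCUIT, DESTINATION,
                                      b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n")
    for v in views:
        print(f"{v['relay']} saw {v['from']} -> {v['to']}")
    print("exit sends to", dest, "payload:", data)
```

No single relay's view contains both 1.2.3.4 and 5.6.7.8, which is the "who talked to whom" obfuscation; an observer at the exit still reads the HTTP payload, which is why the slide insists on end-to-end encryption on top of Tor.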

• Dec 2016: Eldo Kim, Harvard sophomore, sent bomb threats using GuerillaMail (anonymous email service)

• Used Tor to connect to GuerillaMail (from his dorm room)

• Caught within 2 days

• How did he get caught?

• GuerillaMail indicated user connected via Tor node

• FBI compared timestamp on email to Harvard network logs

• He was the only one using Tor at that time; confessed when confronted

[As of: April 13, 2016]

Other anonymization systems

• Single-hop proxy services

• JonDonym, anonymous remailers (MixMaster, MixMinion), many more…

Anonymizer.com

recap: Internet-wide scanning, zmap

Massive surveillance, packet inspection

Anonymous browsing, TOR
