Study of Malformed Message Attacks and their Prevention
By Shailesh Yadav & Nikhil Mohod
TEL 500 PROJECT
OUTLINE
Introduction
The importance of Networking monitoring
Last Hop Tracking: Framework
The Project
The CNM
Packet Tracer Demo
Real time Demo
Conclusion
INTRODUCTION – MALFORMED MESSAGE ATTACKS
Devised to achieve unauthorized access into the service provider’s secure domain
In this type of attack, the attacker modifies the headers so that they do not comply with the grammar standards of the signaling protocol
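A grammar check of the kind a monitor could apply to SIP requests, as an added example that is not part of the original slides: it tests a simplified subset of the RFC 3261 syntax (request line, mandatory headers, CSeq, Content-Length). The function name, the rule set and both sample messages are assumptions constructed for illustration.

```python
import re

# Added example: simplified subset of RFC 3261 syntax, not a full SIP parser.
REQUEST_LINE = re.compile(r"^([A-Z]+) (sips?:\S+) SIP/2\.0$")
TOKEN = re.compile(r"^[A-Za-z0-9.!%*_+`'~-]+$")
COMPACT = {"v": "via", "f": "from", "t": "to", "i": "call-id", "l": "content-length"}
REQUIRED = ("via", "from", "to", "call-id", "cseq", "max-forwards")

def check_sip_request(raw: bytes) -> list:
    """Return grammar violations found in one SIP request; [] means it passed."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        return ["header block is not terminated by an empty line"]
    lines = head.decode("utf-8", "replace").split("\r\n")
    findings = []
    start = REQUEST_LINE.match(lines[0])
    if not start:
        findings.append("request line is not 'METHOD sip-uri SIP/2.0'")
    headers = {}
    for line in lines[1:]:  # folded (continuation) header lines are not handled
        name, colon, value = line.partition(":")
        if not colon or not TOKEN.match(name.rstrip()):
            findings.append("bad header line: %r" % line[:40])
            continue
        key = name.rstrip().lower()
        headers[COMPACT.get(key, key)] = value.strip()
    for name in REQUIRED:
        if name not in headers:
            findings.append("missing mandatory header: " + name)
    if "cseq" in headers:
        cseq = re.match(r"^([0-9]+) ([A-Z]+)$", headers["cseq"])
        if not cseq or (start and cseq.group(2) != start.group(1)):
            findings.append("CSeq is not '<number> <method>' for this request")
    clen = headers.get("content-length")
    if clen is not None and (not re.fullmatch("[0-9]+", clen) or int(clen) != len(body)):
        findings.append("Content-Length is not numeric or differs from body size")
    return findings

# Constructed sample messages (example.com names and all values are made up).
GOOD = (b"INVITE sip:bob@example.com SIP/2.0\r\n"
        b"Via: SIP/2.0/UDP host.example.com;branch=z9hG4bK776asdhds\r\n"
        b"Max-Forwards: 70\r\nTo: <sip:bob@example.com>\r\n"
        b"From: <sip:alice@example.com>;tag=1928301774\r\n"
        b"Call-ID: a84b4c76e66710\r\nCSeq: 314159 INVITE\r\n"
        b"Content-Length: 0\r\n\r\n")
BAD = (GOOD.replace(b"Call-ID: a84b4c76e66710\r\n", b"")
           .replace(b"CSeq: 314159 INVITE", b"CSeq: abc BYE")
           .replace(b"Content-Length: 0", b"Content-Length: -5"))
```

Calling `check_sip_request(GOOD)` returns an empty list, while `check_sip_request(BAD)` returns one finding per violated rule, which is the signal a monitor would log or act on.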
EXAMPLE
THE PROJECT
The focus of this project is to help design a network breach detection and tracing system, a suggestive system with important parameters
This design is going to aid the prevention of malformed message attacks and also ensure that these types of attacks and their origin are easily figured out
THE IMPORTANCE OF NETWORKING MONITORING
If the network is monitored, once in a while the attack can be traced straight back to the perpetrator
This is done by last hop tracing with the help of the foundation built by IDS and IPS
Hence there is great demand for designing, deploying and maintaining frameworks that aid towards the goal of monitoring networks
LAST HOP TRACKING: FRAMEWORK
REAL TIME DEMO
Wireshark V 1.10.2
Bittwist V
THE CNM
This CNM system is recognized as the solution
This design is a variation of inbuilt IDS IPS system that could be established with the existing network infrastructure
The aspects of the CNM are as follows:
Route Isolation
Hassle free routing for all other networking protocols running
An algorithm to recognize the malformed message attacks and distinguish them from other types of attacks
Also be able to detect and prevent network based attacks
Reduce the cost of deploying a separate infrastructure for CNM
Last hop tracing to allow easy detecting of the attack’s origin
KEY ELEMENTS OF THE CNM DESIGN:
The CNM should be kept isolated from the rest of the network
All other routing components should be able to flow freely without hassle
The above two issues are explored in detail in this project; the other aforementioned components are a part of the CNM documentation (Future Research)
THE CNM – CENTRALIZED NETWORK MONITOR
PACKET TRACER DEMO
Packet Tracer Screenshot
CONCLUSION
SIP, being a text-based protocol, is very easy to exploit. Most security threats could be reduced by the use of TCP/IP instead of UDP for signaling purposes. As previously mentioned, firewalls can also be used, in addition to TCP/IP, to block unauthorized access.
Access lists could also be used.