Wireless Internet Security with Dynamic Intrusion Response for M-Commerce
Kai Hwang
Internet and Wireless Security Laboratory, University of Southern California
Presentation at ICA3PP2002, Beijing, China, October 23, 2002
Presentation Outline:
• Wireless Public Key Infrastructure (WPKI) for Securing M-Commerce
• Mobile IPv6 and Wireless TCP for Hybrid 3G Wireless/All-IP Networks
• Risk Assessment for Dynamic Intrusion Response to Multiple Network Attacks
Core Technology in Wireless Internet
[Figure: a multi-mode mobile station attaches through radio access networks RAN 1 (WLAN), RAN 2 (CDMA), RAN 3 (WCDMA or UMTS) and RAN n (other access technology) to a unified all-IP core network, which connects over an IP backhaul to intranets and the Internet through the Mobile Internet Edge.]
Mobile Internet Edge: Mobile Internet Edge product; WTCP and WTLS software suites; cluster platform for wireless gateway; storage-area networking and RAID.
Multi-mode Mobile Station: Mobile IPv6, WTCP; WTLS; 1x EV-DO + WLAN; chipset.
Basic Wireless Security Requirements:
• Confidentiality of exchanges – make sure that nobody can listen in.
• Authentication – certify the identities of the parties involved.
• Data integrity – assurance that data is not tampered with on its journey.
• Non-repudiation of transactions – assure that agreements are legally binding.
Increasing Security Demand in M-Commerce and Pervasive Applications:
• LANs, clusters, intranets, WANs, grids, and the Internet all demand security protection and hacker-proof operation, which is crucial to the acceptance of a trust-based digital society.
• Innovative mobile wireless services, E-transactions, telemedicine, and digital government all demand high security, privacy protection, and data integrity.
Wireless Internet Access and WAP Gateway Functionality Based on WTLS Technology
WTLS (Wireless Transport Layer Security): the protocol that implements wireless security in the WPKI (Wireless Public Key Infrastructure).
Conceptual Wireless PKI Model
[Figure: a Root CA server and a local CA (LCA) server, each with its registration authority (RA), publish to directories that web clients and servers reach over the Internet by HTTP or LDAP. Certificates are distributed to the WTLS parties either as the certificate itself or as a URL pointing to it (key distribution); the client verifies the certificate from the server, and the server verifies the client's certificate in the same way.]
Trust Propagation by Bridging PKI Domains over Wireline and Wireless Networks
[Figure: wireline PKI domains (a hierarchical PKI under a Root CA and a mesh PKI; Wired CA-2, Wired CA-3, Wired CA-4) and a wireless PKI built with trust lists (trust list model; Wireless CA-1, Wireless CA-2, Wireless CA-3) are joined through a Bridge CA by cross-certificates.]
Example trust path construction from Wired CA-3 to Wireless CA-2:
Wired CA-3 → Wired CA-2, Wired CA-2 → Bridge CA, Bridge CA → Wireless CA-1, Wireless CA-1 → Wireless CA-2
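The trust path in the example above is what a relying party's validator has to discover before it can accept a certificate from the other domain. The following is an added example, not code from the slides or from the USC project: it models the cross-certificate directory as a directed graph (issuer to subject) and finds the shortest chain by breadth-first search. The CA names follow the slide's example; the full set of edges, and the hop limit, are constructed assumptions.

```python
"""Trust-path construction across bridged PKI domains.

Added example (not from the original slides). The CA names follow the
slide's trust-path example; the edge set beyond that path is constructed.
"""
from collections import deque

# Constructed cross-certificate directory: issuer -> set of subject CAs it
# has cross-certified. Cross-certificates are directional, so a path is
# only valid when every edge runs issuer -> subject toward the target CA.
CROSS_CERTS = {
    "Wired CA-3":    {"Wired CA-2"},
    "Wired CA-2":    {"Wired CA-3", "Bridge CA", "Wired CA-4"},
    "Wired CA-4":    {"Wired CA-2"},
    "Bridge CA":     {"Wired CA-2", "Wireless CA-1"},
    "Wireless CA-1": {"Bridge CA", "Wireless CA-2", "Wireless CA-3"},
    "Wireless CA-2": {"Wireless CA-1"},
    "Wireless CA-3": {"Wireless CA-1"},
}


def build_trust_path(cross_certs, source_ca, target_ca, max_hops=6):
    """Breadth-first search for the shortest chain of cross-certificates from
    source_ca (the relying party's trust anchor) to target_ca (the CA that
    issued the certificate being validated). Returns the list of CAs on the
    path, or None when no chain of at most max_hops edges exists. The hop
    limit bounds the work a validator will do on a large mesh."""
    if source_ca == target_ca:
        return [source_ca]
    parent = {source_ca: None}
    queue = deque([(source_ca, 0)])
    while queue:
        ca, depth = queue.popleft()
        if depth == max_hops:
            continue
        for subject in sorted(cross_certs.get(ca, ())):
            if subject in parent:
                continue
            parent[subject] = ca
            if subject == target_ca:
                path = [subject]
                while parent[path[-1]] is not None:
                    path.append(parent[path[-1]])
                return path[::-1]
            queue.append((subject, depth + 1))
    return None


def path_edges(path):
    """Render a path as the (issuer, subject) pairs whose cross-certificates
    a validator must then actually fetch and check."""
    return [(a, b) for a, b in zip(path, path[1:])]


if __name__ == "__main__":
    path = build_trust_path(CROSS_CERTS, "Wired CA-3", "Wireless CA-2")
    print(" -> ".join(path))
    for issuer, subject in path_edges(path):
        print(f"check cross-certificate issued by {issuer} for {subject}")
```

Reachability is only the first step: for each edge on the returned path a validator still has to check the cross-certificate's signature, validity period, revocation status (CRL or OCSP) and any policy or name constraints, which is exactly what the Bridge CA middleware on the later slides is there to support.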
Interoperability of WPKI with Traditional PKI
[Figure: the WPKI expansion on the left (mobile clients with smart cards, mobile devices, WAP gateway, mobile services server, RA for mobile, PKI portal, WPKI CA server; protocols WTLS, WTLS certificate request via PKCS #10, PKCS #15, WTLS certificate) and the traditional PKI on the right (traditional RA, conventional CA servers, other CA servers, directory server; protocols SSL/TLS, X.509, X.500/LDAP, PKCS #7, PKCS #10, OCSP; X.509 certificates published to the directory).]
Middleware for Trust Management on the Bridge CA Cluster
[Figure: trust bridging middleware between the Wireless PKI and the wireline X.509 PKI, composed of a WTLS/X.509 cross-certificate engine, a CRL management engine, a directory/LDAP engine and a policy configuration engine.]
May 20, 2003 Kai Hwang, USC 12
Mobile IPv6, WTCP, and WTLS Protocols for Security in Hybrid Wireless and IP-Based Networks
[Figure: a mobile device with attachment points in a wireless foreign network and in its wireless home network, both connected through an all-IP-based backbone network to fixed hosts.]
Home Agents vs. Foreign Agents in Mobile IP Communication
• Each mobile has a Home Agent (HA) and a Foreign Agent (FA). They work jointly to track the network links for tunneling datagrams destined to a mobile device.
• Operation of Mobile IP: The HA and FA make themselves known by advertisement. Agent discovery, registration, and tunneling are the three major processes.
• Tunneling (routing): The HA encapsulates the message from the IP host to the mobile device via its FA. The goal is optimized routing of the packets destined for a mobile device.
Security Features in Proposed IPv6
• Supports five security standards published by the IETF:
  RFC 1825 - Security architecture for IPv6
  RFC 1826 - IP Authentication Header
  RFC 1827 - IP Encapsulating Security Payload (ESP)
  RFC 1828 - IP Authentication using keyed MD5
  RFC 1829 - The ESP DES-CBC Transform
• IP security association and authentication are combined to transmit IP packets.
• IPv6 offers options for future expansion in authentication, data integrity, and confidentiality.
Ultimate Goal: Mobile IPv6
• Mobile IPv6 uses the improved IPv6 routing header, along with the authentication header. Other IPv6 functionalities are optimized to simplify routing to the mobile device.
• Mobile IPv6 applies no FA. The mobile device uses the address auto-configuration feature in IPv6 to acquire a care-of address on a foreign link.
• With the care-of address, a fixed correspondent can send packets directly to a mobile node using the routing header. Otherwise, a correspondent sends the packets indirectly through the home network using source routing.
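The two delivery paths described on the Mobile IP slides (home-agent tunneling through a registered care-of address, and direct delivery by a correspondent that holds the binding and uses the routing header) are easy to confuse, so the following added example simulates both. It is not code from the slides or the USC project; the addresses, the pre-shared registration key, the lifetimes and the dictionary-based packet layout are constructed. The registration check is the security-relevant part: a home agent that accepted unauthenticated bindings would let anyone redirect a mobile node's traffic, which is why the slides pair Mobile IPv6 with the authentication header.

```python
"""Mobile IP forwarding simulation: home-agent tunneling versus direct
delivery to a care-of address. Added example, not code from the slides;
addresses, the pre-shared key, lifetimes and the packet layout are constructed."""
import hashlib
import hmac

# Constructed pre-shared key between the mobile node and its home agent,
# standing in for the authentication the slides require on registration.
REG_KEY = b"constructed-demo-key"


def registration_mac(home_addr, care_of_addr, lifetime):
    """Authenticator over the binding a registration request asks for."""
    msg = f"{home_addr}|{care_of_addr}|{lifetime}".encode()
    return hmac.new(REG_KEY, msg, hashlib.sha256).hexdigest()


class HomeAgent:
    """Holds the mobility bindings (home address -> care-of address) that
    registration creates; each binding expires after its lifetime."""
    def __init__(self, address):
        self.address = address
        self.bindings = {}   # home_addr -> (care_of_addr, expiry)

    def register(self, home_addr, care_of_addr, lifetime, now, mac):
        """Registration from the foreign link (through an FA in Mobile IPv4,
        straight from the mobile node in Mobile IPv6). The binding is only
        installed when the request authenticates."""
        expected = registration_mac(home_addr, care_of_addr, lifetime)
        if not hmac.compare_digest(expected, mac):
            return False
        self.bindings[home_addr] = (care_of_addr, now + lifetime)
        return True

    def lookup(self, home_addr, now):
        entry = self.bindings.get(home_addr)
        if entry is None or entry[1] <= now:
            self.bindings.pop(home_addr, None)   # expired: mobile treated as home
            return None
        return entry[0]

    def forward(self, packet, now):
        """Packet addressed to a home address. If the mobile is away, tunnel
        it: the original packet becomes the payload of an outer packet
        addressed to the care-of address (IP-in-IP encapsulation)."""
        care_of = self.lookup(packet["dst"], now)
        if care_of is None:
            return {"delivered_on": "home link", "packet": packet}
        outer = {"src": self.address, "dst": care_of, "payload": packet}
        return {"delivered_on": "tunnel", "packet": outer}


def decapsulate(outer):
    """Tunnel endpoint (FA in Mobile IPv4, the mobile node itself in Mobile
    IPv6): strip the outer header and recover the original packet."""
    return outer["payload"]


class Correspondent:
    """A fixed host. With a binding for the mobile's home address it sends
    straight to the care-of address and carries the home address in a
    routing header (the direct Mobile IPv6 path); without one it sends to
    the home address and relies on the home agent to tunnel the packet."""
    def __init__(self, address):
        self.address = address
        self.binding_cache = {}

    def learn_binding(self, home_addr, care_of_addr):
        self.binding_cache[home_addr] = care_of_addr

    def send(self, home_addr, data):
        care_of = self.binding_cache.get(home_addr)
        if care_of is None:
            return {"src": self.address, "dst": home_addr, "data": data}
        return {"src": self.address, "dst": care_of,
                "routing_header": {"final_dst": home_addr}, "data": data}


if __name__ == "__main__":
    ha = HomeAgent("10.1.0.1")                       # constructed addresses
    mac = registration_mac("10.1.5.7", "192.0.2.44", 600)
    print("registered:", ha.register("10.1.5.7", "192.0.2.44", 600, 0, mac))
    cn = Correspondent("203.0.113.9")
    print(ha.forward(cn.send("10.1.5.7", "hello"), now=100))
    cn.learn_binding("10.1.5.7", "192.0.2.44")
    print(cn.send("10.1.5.7", "hello again"))
```

Note that a correspondent's binding cache is just as sensitive as the home agent's binding table: the same authentication requirement applies before a correspondent starts sending directly to a care-of address it was told about.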
WTLS Stack over Wireless Gateway
[Figure: Wireless Transport Layer Security. Phone: Browser over WTLS over WDP over Bearer. Wireless Gateway: WTLS/WDP/Bearer on the wireless-network link and TLS/TCP/IP on the wired-network link, with the data in the clear inside the gateway. Web Server: Server over TLS over TCP over IP.]
WTLS Service Classes (M - Mandatory, O - Optional, NA - Not applicable)
Functional Features        Class 1   Class 2   Class 3
Public-key exchange        M         M         M
Server certificates        O         M         M
Client certificates        O         O         M
Shared-secret handshake    O         O         O
Compression                NA        O         O
Encryption                 M         M         M
MAC                        M         M         M
Smart card interface       NA        O         O
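The service-class table above is the kind of thing a gateway operator should check mechanically rather than by eye: server certificates are only optional in Class 1, so a Class 1 endpoint gives the phone no server authentication at all. The following added example (not code from the slides or from any WTLS implementation) transcribes the table and checks an endpoint's enabled feature set against it; the feature key names are labels chosen here.

```python
"""WTLS service-class checker. Added example, not from the slides; the
M/O/NA values are transcribed from the slide's table, the feature key
names are labels chosen for this example."""

# Requirements per class: M = mandatory, O = optional, NA = not applicable.
WTLS_CLASSES = {
    "public_key_exchange":     {1: "M",  2: "M", 3: "M"},
    "server_certificates":     {1: "O",  2: "M", 3: "M"},
    "client_certificates":     {1: "O",  2: "O", 3: "M"},
    "shared_secret_handshake": {1: "O",  2: "O", 3: "O"},
    "compression":             {1: "NA", 2: "O", 3: "O"},
    "encryption":              {1: "M",  2: "M", 3: "M"},
    "mac":                     {1: "M",  2: "M", 3: "M"},
    "smart_card_interface":    {1: "NA", 2: "O", 3: "O"},
}


def check_wtls_config(service_class, enabled):
    """Return the list of problems with `enabled` (the set of feature keys an
    endpoint has turned on) for the given class. Mandatory features must be
    present, not-applicable features must be absent, optional ones are free."""
    if service_class not in (1, 2, 3):
        raise ValueError("WTLS defines service classes 1, 2 and 3")
    problems = []
    for feature, reqs in WTLS_CLASSES.items():
        req = reqs[service_class]
        if req == "M" and feature not in enabled:
            problems.append(f"class {service_class} requires {feature}")
        elif req == "NA" and feature in enabled:
            problems.append(f"{feature} is not applicable in class {service_class}")
    for feature in sorted(set(enabled) - set(WTLS_CLASSES)):
        problems.append(f"unknown feature {feature}")
    return problems


def highest_satisfied_class(enabled):
    """Highest class whose requirements `enabled` meets, i.e. the strongest
    authentication guarantee the endpoint can actually claim; None if it
    does not even satisfy Class 1."""
    best = None
    for cls in (1, 2, 3):
        if not check_wtls_config(cls, enabled):
            best = cls
    return best


if __name__ == "__main__":
    anonymous = {"public_key_exchange", "encryption", "mac"}
    print("class 2 problems:", check_wtls_config(2, anonymous))
    print("highest class:", highest_satisfied_class(anonymous))
```

Running the check with only key exchange, encryption and MAC enabled reports that Class 2 is not met and that the configuration only reaches Class 1, which is the useful signal: the link is encrypted but the phone has not verified who it is talking to.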
Wireless TCP (WTCP) for 3G Mobile Wireless Communications
• IST International has implemented 11 WTCP algorithms on Linux servers.
• Up to 6 times improvement achieved with a subset of the algorithms turned on.
Distributed DoS Attacks
[Figure: attacker → handler (H) → zombies (Z) → victim.]
1. Attacker infiltrates hosts and commands a handler (H).
2. Handler sends commands to zombies (Z).
3. Zombies attack the victim, damaging CPU, memory and network resources.
Clustered Security Testbed built at University of Southern California
[Figure: Internet → gateway firewall with policy manager → router → demilitarized zone → router → switch network, with nodes running micro-firewalls on either side.]
Micro-Firewalls, Benchmark IDS, RADAR Scheme, and Trust Middleware for Developing Cost-Effective BCA and AAA Servers
Securing Clusters and Intranets with AAA, Micro-Firewalls, XML, WPKI, and RADAR Technologies
• Distributed micro-firewalls, IDS, and IRS built in the RADAR architecture at USC Labs.
• XML, RMI, CORBA, FTP, HTTP, SMTP, and Aglets evaluated for dynamic security updates.
• Provide a full spectrum of VPN, pervasive, and grid-computing security infrastructures using the IPSec, XML, AAA, WPKI, and RADAR technologies.
Implementing Micro-Firewall in the Linux Kernel
[Figure: user programs in user space enter the kernel through the system call interface; in kernel space the micro-firewall (packet filter, anomaly detection, access logging) sits between the TCP/IP stack and the memory, file and process managers; below the kernel are the network cards, disk drives and main memory.]
K. Hwang and M. Gangadharan, “Micro-Firewalls for Dynamic Security with Distributed Intrusion Detection”, IEEE International Symposium on Network Computing and Applications, Cambridge, MA, Oct. 8-12, 2001.
RADAR: Risk Assessment for Intrusion Detection with Armed Response
(IDS: intrusion detection system, RAS: risk assessment system, and IRS: intrusion response system)
[Figure: attacks → IDS → alarms with attack characteristics → RAS → assessed risks → IRS → responses to the intrusions; the RAS is fed security policy and damage/cost information from the security administrator.]
Set-theoretic Relationships between intrusive attacks and possible responses
[Figure: set diagram relating intrusive attacks, detected attacks (true alarms), false alarms and missed detection, responsive counter-measures, effective responses and wasted responses through the mappings f1, f2, f3 and f4.]
Mappings f1 and f2 are desired, but f3 and f4 are not wanted.
Alarm Matrix from IDS Report
[Figure: the alarm matrix A = (a_ij), with rows for 1 to n attacks plus a row of false-positive alarms (u) and columns for 1 to n alarms plus a column of detection misses (false negatives, y); the diagonal holds the detection hits x, the off-diagonal entries the false alarms z, and the corner entry is 0.]
x: detection hits, y: false negatives, z: false alarms, u: false positives
IDS Performance of 5 Attack Programs on USC Linux Cluster
[Chart: hit rate, miss rate and false alarm rate (0% to 80%) for the attack types Nimda, Code Red, Queso, Smurf and BIND, and their average.]
Dynamic Selection of Intrusion Response Strategies
[Flowchart: Start → Is EIDS > α? If no: poor IDS used, improve the IDS. If yes: Is G > β? Each branch then asks Is RMax > γ?, and the four outcomes select Strategy A, B, C or D. EIDS = IDS efficiency, G = alarm frequency, RMax = maximum risk.]
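The alarm matrix, the per-attack hit/miss/confused-alarm rates, the residual-risk costs and the threshold flowchart above form one pipeline, so the following added example works it through end to end on a constructed IDS event log. It is not code from the slides or from the RADAR implementation: the matrix layout (x on the diagonal, y in the no-alarm column, z off-diagonal, u in the no-attack row) follows the slide, but the event log, the damage costs, the rate definitions, EIDS taken as the overall hit rate, G as alarms per week, and the assignment of the four flowchart leaves to strategies A to D are all assumptions made here.

```python
"""RADAR-style alarm matrix, IDS metrics, residual risk and threshold-based
strategy selection. Added example, not from the slides: the event log,
costs, thresholds and the leaf-to-strategy mapping are constructed."""
from collections import Counter, defaultdict

ATTACKS = ["Nimda", "Code Red", "Queso", "Smurf", "BIND"]   # attack types from the slide
NO_ATTACK, NO_ALARM = "none", "none"

# Constructed IDS event log: (attack actually launched, alarm the IDS raised).
EVENTS = [
    ("Nimda", "Nimda"), ("Nimda", "Nimda"), ("Nimda", NO_ALARM), ("Nimda", "Code Red"),
    ("Code Red", "Code Red"), ("Code Red", NO_ALARM), ("Code Red", "Code Red"),
    ("Queso", NO_ALARM), ("Queso", "Queso"), ("Queso", "Smurf"),
    ("Smurf", "Smurf"), ("Smurf", "Smurf"), ("Smurf", "Smurf"),
    ("BIND", NO_ALARM), ("BIND", "BIND"),
    (NO_ATTACK, "Smurf"), (NO_ATTACK, "Nimda"),      # alarms with no attack (u)
]

# Constructed damage costs per attack type for the three residual-risk components.
COSTS = {
    "Nimda":    {"hit": 1000, "miss": 50000, "confused": 20000},
    "Code Red": {"hit": 1000, "miss": 80000, "confused": 20000},
    "Queso":    {"hit": 500,  "miss": 10000, "confused": 5000},
    "Smurf":    {"hit": 2000, "miss": 30000, "confused": 10000},
    "BIND":     {"hit": 1000, "miss": 60000, "confused": 20000},
}


def alarm_matrix(events):
    """A = (a_ij): row = attack launched (plus a 'none' row), column = alarm
    raised (plus a 'none' column). Diagonal = hits x, 'none' column = misses y,
    off-diagonal = confused alarms z, 'none' row = false positives u."""
    A = defaultdict(Counter)
    for attack, alarm in events:
        A[attack][alarm] += 1
    return A


def classify(A):
    """Totals x, y, z, u read off the matrix."""
    x = sum(A[a][a] for a in ATTACKS)
    y = sum(A[a][NO_ALARM] for a in ATTACKS)
    z = sum(A[a][b] for a in ATTACKS for b in ATTACKS if a != b)
    u = sum(A[NO_ATTACK][b] for b in ATTACKS)
    return x, y, z, u


def rates(A):
    """Per attack type: hit rate H, miss rate M and confused-alarm rate S over
    the attacks of that type (rate definitions assumed here)."""
    out = {}
    for a in ATTACKS:
        launched = sum(A[a].values())
        if launched == 0:
            continue
        hits, misses = A[a][a], A[a][NO_ALARM]
        out[a] = {"H": hits / launched, "M": misses / launched,
                  "S": (launched - hits - misses) / launched}
    return out


def residual_risk(rate, cost):
    """Residual risk of one attack type as the three stacked damage components
    of the slide's chart: H*hit + M*miss + S*confused (cost model assumed)."""
    return rate["H"] * cost["hit"] + rate["M"] * cost["miss"] + rate["S"] * cost["confused"]


def select_strategy(eids, g, rmax, alpha, beta, gamma):
    """The slide's decision tree. Which of A-D sits at which leaf is not
    recoverable from the slide; the assignment below is an assumption."""
    if eids <= alpha:
        return "Improve the IDS"
    if g > beta:
        return "A" if rmax > gamma else "B"
    return "C" if rmax > gamma else "D"


def assess(events, costs, period_weeks, alpha, beta, gamma):
    """Run the whole pipeline: matrix -> metrics -> risk -> strategy."""
    A = alarm_matrix(events)
    x, y, z, u = classify(A)
    eids = x / (x + y + z)            # IDS efficiency assumed = overall hit rate
    g = (x + z + u) / period_weeks    # alarm frequency: alarms raised per week
    r = rates(A)
    rmax = max(residual_risk(r[a], costs[a]) for a in r)
    return {"x": x, "y": y, "z": z, "u": u, "EIDS": eids, "G": g, "RMax": rmax,
            "strategy": select_strategy(eids, g, rmax, alpha, beta, gamma)}


if __name__ == "__main__":
    print(assess(EVENTS, COSTS, period_weeks=1, alpha=0.5, beta=10, gamma=25000))
```

The thresholds are the administrator's policy knobs from the RADAR diagram: raising γ makes the same measurements select the lower-risk strategy, and raising α above the measured IDS efficiency short-circuits the whole selection into "improve the IDS", which is the behaviour the threshold-effect charts on the following slides are measuring.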
Effects of Threshold in Selecting Intrusion Response Strategies
[Chart: IRS efficiency (40% to 50%) against the thresholds γ ($50,000/week and $150,000/week) and β (10 alarms/week and 30 alarms/week) for strategies A, B, C and D.]
IRS Efficiency for Different Intrusion Response Strategies
[Chart: IRS efficiency (0% to 60%) for Strategy A, B, C and D, each with Ta = 10 sec and Tm = 1 hour, 3 hours, or 6 hours.]
Conclusions:
• Wireless Internet security for M-Commerce relies on the successful deployment of Mobile IPv6, WTLS, WTCP, and WPKI.
• WPKI architecture optimization and its interoperability with wireline PKI are the most challenging R&D tasks.
• The RADAR scheme offers dynamic security policy updates with respect to changes in threat patterns and network conditions.
Recent Papers and Presentation:
• K. Hwang, “Wireless PKI and Distributed IDS for Securing Intranets and M-Commerce”, Keynote Address, IEEE Third Int’l Conf. on Parallel and Distributed Computing, Applications, and Technologies (PDCAT2002), Kanazawa, Japan, Sept. 4-6, 2002.
• K. Hwang and M. Gangadharan, “Micro-Firewalls for Dynamic Security with Distributed Intrusion Detection”, IEEE Int’l Conf. on Network Computing and Applications, Cambridge, MA, Oct. 8, 2001.
• S. Tanachaiwiwat, K. Hwang, and Y. Chen, “Adaptive Intrusion Response to Multiple Network Attacks with Minimal Risk”, submitted to ACM Transactions on Information and System Security, August 19, 2002 (under review).
Upgrading AAA to Secure Mobile Internet Accesses through Wireless Gateways
• Access equipment includes SGSN, GGSN, FA, HA, or PDSN, which can be prototyped on the 3G wireless platform.
• Improve the AAA services with higher reliability, performance, and scalability in billing, auditing, and network planning.
• Must consider the interoperability issues, including multi-vendor support, multi-access support, and support for multiple accounting records.
Cluster Middleware, Linux Extensions, and Hardware Support of High-Security IP Packet Applications
[Figure: layered cluster architecture. Hardware support: hot-swap devices, router interfaces, CPUs each running Linux, redundant cluster interconnects, redundant power, redundant cooling. Linux OS extensions: HA interface, HA/HW drivers, I/O drivers, platform management drivers. Cluster management middleware: fault management, availability management, failover support, failback support, packet switching.]
Design Choices of Bridge CA and Wireless PKI Portal at USC
Component           Vision                  Operations                                     Standards
Bridge CA Cluster   Client perspective      Certificate issue, update, renew, and revoke   X.509 v3 certificate, WPKI certificate
                                            Client certificate handling                    PKCS #10
                                            Certificate status inquiry/response            OCSP, RFC 2560
                    Other PKI perspective   Interact with other X.509 PKI                  CMP, CMC
                    Directory               Certificate publish                            LDAP
PKI Portal          Client perspective      Certificate request forwarding                 PKCS #10
                                            Wireless certificate requests                  WMLScript
                                            Client certificate URLs in LDAP                LDAP
                    Other PKI               Interact with X.509 PKI                        CMP, CMC
Residue Risk for 4 Attack Patterns
[Chart: residual risk ($0 to $1,000,000), stacked as hit damage, miss damage and confused-alarm damage, for four attack patterns: High Hit (H 75%, M 10%, S 39%), High Miss (H 10%, M 75%, S 39%), High Confused Alarm (H 10%, M 50%, S 79%), and Running Example (H 48%, M 47%, S 22%).]
Key Concepts of Mobile IP
• A mobile device has a home IP address residing in its home cellular network. When the device moves to a foreign network, it is given a care-of address.
• The IETF (Internet Engineering Task Force) has proposed Mobile IP as an interface between the home network and the foreign network where the mobile device currently resides.
• Mobile IP is a protocol that keeps track of the device's whereabouts and delivers messages to the device at its current location.
• A mobile device at home applies traditional IP in routing packets. When the device moves to a foreign network, Mobile IP is applied using the care-of address.