CSE 651
Homework 0
Due: Wednesday September 28
Networks are increasingly being used in new ways: for example, for making the electric grid smarter, for using edge sensor networks to monitor buildings and industrial plants, for rural/citywide wireless meshes and multihop networks, for intraconnecting/interconnecting large data centers and compute clusters, and for enabling social networks.
This homework addresses cybersecurity attacks in these new domains of networking.
By way of context, recall that sophisticated attacks on the internet have grown exponentially in the last decade. Here are examples of well-known security attacks.
· Cyberwarfare incidents where nation states attack other states or organizations have trended up over the last several years. As early as 1982, a computer control system stolen from a Canadian company by Soviet spies caused a Soviet gas pipeline to explode. Apparently the CIA had modified the code for the control system to include a logic bomb which changed the pump speeds to cause the explosion.
· In July 2010, a Windows computer worm, Stuxnet, was discovered that spies on and subverts industrial software and equipment. It included a programmable logic controller (PLC) rootkit, and has apparently had substantial impact on Iranian uranium enrichment infrastructure.
· On February 6, 2007, attackers launched a distributed denial-of-service attack on three of the 13 Internet DNS "root" servers, which help direct global Internet traffic by resolving domain names to IP addresses. Fortunately, despite the increased traffic, no noticeable failure occurred.
· Smurf / Trinoo / Stacheldraht DoS attack on Yahoo attack of 2001. The attack was successful as the
· Code Red / Nimda worm, which was directed at end users, resulted in a large traffic jam on the internet. The resulting congestion led to the failure of
· Junk web pages exist on the internet to lure search engine users to advertisements as a way of creating revenue. Attackers create false doorway pages, and work with operators of web hosting companies who profit by redirecting traffic passed from search engines in one direction and then sending advertisements acquired from syndicators in the opposite direction.
The homework
Carefully describe the facts involved in four large-scale or impactful computer system security attacks that have occurred in the last year and that were based on attacking a new sort of network (such as the sorts identified in the first paragraph). Credit will be reserved for attacks which exploit links or channels using the concepts in Lecture 0, slides 11-16, i.e. attacks related to the communication model of the network as opposed to the access model. Your description should be brief, clear and concise and should reflect your understanding of the attack. Make sure to include any references in a separate references section.
For each attack:
a) Carefully identify and classify the attack (i.e. what threats were exploited; were these application related, network device related, network protocol related, or security policy related; were they active or passive; etc.).
b) Carefully identify what security properties of the system were violated (see slide 26 for examples of security properties).
c) Describe the effects (or the pattern of effect) of the attack leading up to the violation (identify what network layers or system components were affected).
d) Describe the countermeasures that were installed to prevent the attack from occurring in the future.
Prepare your homework as a webpage, and use the submit program to deliver your homework by class time. We’ll compile these on a webpage. (Anonymize your webpage in case you do not wish your name to show on the page.)
submit c651aa hw0 <webpage-file-name>
Reading Assignment