NoPASARAN: a Novel Platform for Analysing Semi-Active elements in Routes Across a Network

Benhabbour, Ilies; Dacier, Marc

doi:10.5604/01.3001.0016.1461

Artykuł - szczegóły

Tytuł artykułu

NoPASARAN: a Novel Platform for Analysing Semi-Active elements in Routes Across a Network

Autorzy

Benhabbour Ilies , Dacier Marc

Treść / Zawartość

Pełne teksty:

Pobierz

Identyfikatory

DOI

10.5604/01.3001.0016.1461

Warianty tytułu

Języki publikacji

Abstrakty

In this paper, we propose a novel, collaborative distributed platform to discover the presence, or analyse the configuration, of what we call semi-active elements. By doing so, we revisit the ideas initially proposed in [1, 2] with the Netalyzr tool and in [3] with Inmap-t. Our contributions lie in a simplified and more powerful design that enables the platform to be used for a variety of tasks, such as conformance verification, security testing, network configuration understanding, etc. The specifications, design and implementation choices of the platform are presented and discussed. Two use cases are revealed to illustrate how the platform can be used. We welcome any interest shown by others in deploying our tool in different environments, and encourage any subsequent collaboration in improving its expressiveness.

Słowa kluczowe

conformance firewall IPsec Man-in-the-Middle network proxy security TLS

zgodność firewall IPsec Man-in-the-Middle sieć bezpieczeństwo TLS

Wydawca

NASK – National Research Institute

Czasopismo

Applied Cybersecurity & Internet Governance

Rocznik

2022

Tom

Vol. 1, No. 1

Strony

1--25

Opis fizyczny

Bibliogr. 25 poz., rys.

Twórcy

autor

Benhabbour Ilies

ilies.benhabbour@kaust.edu.sa

King Abdullah University of Science and Technology in Thuwal, Saudi Arabia

https://orcid.org/0000-0002-0694-6767

autor

Dacier Marc

King Abdullah University of Science and Technology in Thuwal, Saudi Arabia

https://orcid.org/0000-0003-3206-2030

Bibliografia

1. C. Kreibich, N. Weaver, B. Nechaev, V. Paxson, “Netalyzr: Illuminating the edge network,” Proceedings of the 10th ACM SIGCOMM Conference on Internet Measurement, 2010, pp. 246–259, doi: 10.1145/1879141.1879173.
2. N. Weaver, C. Kreibich, M. Dam, V. Paxson, “Here be web proxies,” in Passive and Active Measurement. PAM 2014. Lecture Notes in Computer Science, M. Faloutsos, A. Kuzmanovic, Eds. Cham: Springer, 2014, pp. 183–192, doi: 10.1007/978-3-319-04918-2_18.
3. A. Vitale, M. Dacier, “Inmap-t: Leveraging TTCN-3 to test the security impact of intra network elements,” Journal of Computer and Communications, vol. 9, pp. 174–190, 2021, doi: 10.4236/jcc.2021.96010.
4. G.F. Lyon, Nmap network scanning: The official Nmap project guide to network discovery and security scanning. Sunnyvale, CA: Insecure. Com LLC, 2008.
5. P. Baran, “On distributed communications networks,” IEEE Transactions on Communications Systems, vol. 12, no. 1, pp. 1–9, 1964, doi: 10.1109/ TCOM.1964.1088883.
6. D.W. Davies, K.A. Bartlett, R.A. Scantlebury, P.T. Wilkinson, “A digital communication network for computers giving rapid response at remote terminals,” Proceedings of the first ACM Symposium on Operating System Principles, 1967, pp. 2.1-2.17, doi: 10.1145/800001.811669.
7. J.H. Saltzer, D.P. Reed, D.D. Clark, “End-to-end arguments in system design,” ACM Transactions on Computer Systems (TOCS), vol. 2, no. 4, pp. 277–288, 1984, doi: 10.1145/357401.357402.
8. R. Oppliger, SSL and TLS: Theory and practice, 2nd ed. Norwood, MA: Artech House, Inc., 2016.
9. S. Frankel, S. Krishnan, “IP security (IPSec) and Internet key exchange (IKE) document roadmap,” RFC, vol. 6071, pp. 1–63, 2011, doi: 10.17487/RFC6071.
10. F. Callegati, W. Cerroni, M. Ramilli, “Man-in-the-middle attack to the https protocol,” IEEE Security & Privacy, vol. 7, no. 1, pp. 78–81, 2009, doi: 10.1109/MSP.2009.12.
11. B. Aziz, G. Hamilton, “Detecting man-in-the-middle attacks by precise timing,” in 2009 Third International Conference on Emerging Security Information, Systems and Technologies, 2009, pp. 81–86, doi: 10.1109/SECURWARE.2009.20.
12. Y. Mirsky, N. Kalbo, Y. Elovici, A. Shabtai, “Vesper: Using echo analysis to detect man-in-the-middle attacks in LANs,” IEEE Transactions on Information Forensics and Security, vol. 14, no. 6, pp. 1638–1653, 2018, doi: 10.1109/TIFS.2018.2883177.
13. M. Usama, M. Asim, S. Latif, J. Qadir, A. Al-Fuqaha, “Generative adversarial networks for launching and thwarting adversarial attacks on network intrusion detection systems,” in 2019 15th International Wireless Communications & Mobile Computing Conference (IWCMC), 2019, pp. 78–83, doi: 10.1109/IWCMC.2019.8766353.
14. Z. Trabelsi, K. Shuaib, “Nis04-4: Man-in-the-middle intrusion detection,” IEEE Globecom 2006. pp. 1–6, 2006, doi: 10.1109/GLOCOM.2006.282.
15. S. Miller, K. Curran, T. Lunney, “Traffic classification for the detection of anonymous web proxy routing, ”International Journal for Information Security Research, vol. 5, no. 1, pp. 538–545, 2015, doi: 10.20533/IJISR.2042.4639.2015.0061.
16. M. Marlinspike. (2009). New tricks for defeating SSL in practice. [Online]. Available: https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf. [Accessed: Sep.28, 2022].
17. E. Chiapponi, M. Dacier, O. Thonnard, M. Fangar, V. Rigal, “Badpass: Bots taking advantage of proxy as a service,” in Information Security Practice and Experience. ISPEC 2022. Lecture Notes in Computer Science, C. Su, D. Gritzalis, V. Piuri, Eds. Cham: Springer, 2022, pp. 327–344.
18. M. Champion, M. Dacier, E. Chiapponi, M. Fangar, V. Rigal. (2022). Immune: Improved multilateration in noisy environments, Eurecom. [Online]. Available: https://www.eurecom.fr/publication/7065https://www.eurecom.fr/publication/7065. [Accessed: Oct. 24, 2022].
19. V. Paxson. (2022). Personal communication.
20. I. Schieferdecker, A.G. Vouffo-Feudjio, “The testing and test control notation TTCN-3 and its use, ”Formal Methods for Industrial Critical Systems: A Survey of Applications, 2012, pp. 205–233, doi: 10.1002/9781118459898.ch10.
21. M. Roesch, “Snort: Lightweight intrusion detection for networks,” Proceedings of LISA '99: 13th Systems Administration Conference Seattle, Washington, 1999, pp. 229–238.
22. S. Bansal, N. Bansal, “Scapy-a python tool for security testing,” Journal of Computer Science & Systems Biology, vol. 8, no. 3, p. 140, 2015, doi: 10.4172/JCSB.1000182.
23. Statelyai. (2021). Xstate. [Online]. Available: https://github.com/statelyai/xstate. [Accessed: Oct. 24, 2022].
24. M. Myers, R. Ankney, A. Malpani, S. Galperin, C. Adams, “X.509 internet public key infrastructure online certificate status protocol - OCSP,” RFC, vol. 2560, pp. 1–23, 1999, doi: 10.17487/RFC2560.
25. Ansible. (2022). Ansible. [Online]. Available: https://github.com/ansible/ansible. [Accessed: Oct. 24, 2022].

Uwagi

Opracowanie rekordu ze środków MEiN, umowa nr SONP/SP/546092/2022 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2022-2023).

Typ dokumentu

Bibliografia

Identyfikator YADDA

bwmeta1.element.baztech-1e905897-f1c8-46e7-a304-cfa38eb3d08a