© Egemen K. Çetinkaya
Introduction to Network Security Missouri S&T University CPE 5420
Link Layer Security
Egemen K. Çetinkaya
Department of Electrical & Computer Engineering
Missouri University of Science and Technology
http://web.mst.edu/~cetinkayae/teaching/CPE5420Fall2016
21 October 2016 rev. 16.0 © 2014–2016 Egemen K. Çetinkaya
Link Layer Security Outline
• Background
• Attacks
• Wireless security
MST CPE 5420 – Link Layer Security 21 October 2016 2
Link Layer Security Background
• Background
• Attacks
• Wireless security
Network Architecture and Topology The Network
• Collection of nodes or intermediate systems (IS)
– switches, routers, bridges, etc.
• Interconnected by links that provide connectivity among end systems (ES), also called hosts or terminals
– desktops, laptops, servers, telephone handsets, etc.
– note: in some networks nodes may be both ES and IS
Network Architecture and Topology The Network
[Figure: example topology showing end systems and intermediate systems (edge or access switches, core or backbone switches), a multihomed end system, and a wireless link]
Protocol Layering OSI Model
7 application  – application-to-application
6 presentation – data formatting
5 session      – dialogue management
4 transport    – end-to-end
3 network      – forwarding/routing
2 link         – hop-by-hop
  MAC          – medium access control
1 physical     – transmission
• ISO 7498: open systems interconnection
– protocol: rules for communication between entities
Protocol Layering Hybrid Layer/Plane Cube
[Figure: hybrid layer/plane cube with layers L1 physical, L2– MAC, L2 link, L3 network, L4 transport, L5 session, L7 application, each crossing the data plane, control plane, and management plane]
Link Layer Background Services
• Draw logical connections?
Link Layer Background Layering
• Link layer is hop-by-hop (HBH)
[Figure: end system – repeater/bridge – router – end system; the link layer spans each hop, the network layer is present at end systems and the router, and the transport layer runs end to end]
Link Layer Background Services
• Link layer is HBH analog of E2E transport layer
– transport layer (L4) transfers packets E2E
• Link layer (L2) service to network layer (L3)
– transfer frame HBH
• sender: encapsulate packet into frame and transmit
• receiver: receive frame and decapsulate into packet
– error checking, with optional correction or retransmission
– flow control possible but generally not needed at link layer
• via parameter negotiation (e.g. data rate)
• Link layer performs multiplexing and switching
Link Layer Background Types of Links
• What are the types of links for transmitting bits?
– hint: number of transmitters/receivers?
Link Layer Background Types of Links
• Point-to-point links
– one transmitter per medium
• dedicated
• multiplexed
– example: Point-to-Point Protocol?
Link Layer Background Types of Links
• Point-to-point links
– one transmitter per medium
• dedicated
• multiplexed
– e.g. PPP: dialup for Internet access
• uses CHAP and PAP for authentication [RFC 1994, RFC 1334]
• Shared medium (multiple access)
– multiple transmitters per medium
– results in contention for the medium
• MAC (medium access control) needed
– example medium (in which environment do you need MAC)?
Link Layer Background Types of Links
• Point-to-point links
– one transmitter per medium
• dedicated
• multiplexed
– e.g. PPP: dialup for Internet access
• uses CHAP and PAP for authentication [RFC 1994, RFC 1334]
• Shared medium (multiple access)
– multiple transmitters per medium
– results in contention for the medium
• MAC (medium access control) needed
– e.g. wireless networks
Link Layer Background MAC Protocol Taxonomy
• What are the types of MAC protocols?
Link Layer Background MAC Protocol Taxonomy
• Channel partitioning – channel divided into smaller pieces
• e.g. TDMA, FDMA, OFDMA, WDMA
• Random access – channel not divided, collisions occur
• e.g. ALOHA, slotted ALOHA, CSMA, CSMA/CD
• Coordinated access – nodes take turns
• e.g. token ring, polling
• Spread spectrum – multiple users spread across the spectrum
• e.g. CDMA
Link Layer Background Example Link Layer Protocols
• What are some link layer protocols?
Internet Protocols Important Link and MAC Protocols
Common name          Standard                 Scope     Technology
Ethernet             IEEE 802.3               LAN/MAN   wire, fiber
Token ring           IEEE 802.5               LAN       wire
WirelessLAN (WiFi)   IEEE 802.11              LAN       RF, (IR)
WPAN                 IEEE 802.15              PAN       RF
WirelessMAN (WiMAX)  IEEE 802.16              MAN       RF
SONET                ANSI T1.105, ITU G.707   MAN/WAN   fiber, electronic switch
OTN                  ITU G.709                MAN/WAN   fiber, optical switch
IEEE 802 network standards are available from standards.ieee.org/getieee802/portfolio.html
ITU-T standards are available from www.itu.int/publications/sector.aspx?lang=en&sector=2
Link Layer Security Attacks
• Background
• Attacks
– ARP attacks
– Wireless attacks
• Wireless security
Link Layer Security ARP
• Why and how do we use ARP?
Medium Access Control Addressing Overview
• Network address: 32 bit
– xxx.yyy.zzz.ttt
• MAC (Ethernet, physical) address: 48 bit
– AA-BB-CC-DD-EE-FF
– first 24 bits designate the vendor (OUI), managed by IEEE
• http://standards.ieee.org/develop/regauth/oui/public.html
– last 24 bits designate the physical (interface) address
• MAC address gets a frame from one interface to another
– physically-connected interface (same network)
Address Resolution Protocol Overview
• ARP resolves IP addresses to MAC addresses
• Analogy:
– IP address → postal address
– MAC address → social security number
• ARP table maps IP addresses to MAC addresses
• ARP specified in RFC 826
• Operation:
– router broadcasts REQUEST
– nodes reply with REPLY
• Reverse ARP specified in RFC 903
Address Resolution Protocol Operation
• Node A and Node B in the same subnetwork
– AA-AA-AA-AA-AA-AA and BB-BB-BB-BB-BB-BB
• Node A broadcasts: who has the MAC address of B?
• Node B replies: my MAC address is BB-BB-BB-BB-BB-BB
• A encapsulates packet and sends the frame
• A caches IP to MAC address mapping
• What are the benefits of caching?
Address Resolution Protocol Operation
• Node A and Node B in the same subnetwork
– AA-AA-AA-AA-AA-AA and BB-BB-BB-BB-BB-BB
• Node A broadcasts: who has the MAC address of B?
• Node B replies: my MAC address is BB-BB-BB-BB-BB-BB
• A encapsulates packet and sends the frame
• A caches IP to MAC address mapping
– to reduce ARP overhead
– cache has limited size
– each ARP entry has limited lifetime
• why don’t we keep them forever?
ARP Attack ARP Poisoning (MITM Attack)
• http://www.windowsecurity.com/articles-tutorials/authentication_and_encryption/Understanding-Man-in-the-Middle-Attacks-ARP-Part1.html
ARP Attack ARP Poisoning (MITM Attack)
• Also called ARP cache poisoning or ARP spoofing
• Malicious node poisons the switch ARP table
• Defenses:
– dynamic ARP inspection
– static configuration
– S-ARP [BOR2003]
– secure ARP [GH2003]
– arpwatch from LBNL: http://ee.lbl.gov
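As an added example (not code from the slides, [BOR2003], [GH2003] or arpwatch itself), the following Python decodes RFC 826 ARP packets and applies the first two defenses listed above: a dynamic-ARP-inspection style check against a trusted IP-to-MAC binding table and an arpwatch-style alert when a learned mapping changes, plus a flag for replies that no request preceded. The binding table, addresses and packets are constructed for the demo.

```python
import struct
import ipaddress

ARP_REQUEST, ARP_REPLY = 1, 2
ETH_HW_TYPE, IPV4_PROTO_TYPE = 1, 0x0800


def parse_arp(payload: bytes) -> dict:
    """Decode the 28-byte Ethernet/IPv4 ARP packet laid out in RFC 826."""
    if len(payload) < 28:
        raise ValueError("ARP packet too short")
    hw, proto, hw_len, proto_len, op = struct.unpack("!HHBBH", payload[:8])
    if (hw, proto, hw_len, proto_len) != (ETH_HW_TYPE, IPV4_PROTO_TYPE, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", payload[8:28])
    return {"op": op,
            "sender_mac": sha.hex("-").upper(), "sender_ip": str(ipaddress.IPv4Address(spa)),
            "target_mac": tha.hex("-").upper(), "target_ip": str(ipaddress.IPv4Address(tpa))}


def build_arp(op: int, sender_mac: str, sender_ip: str, target_mac: str, target_ip: str) -> bytes:
    """Encode an ARP packet; used here only to construct sample traffic."""
    mac = lambda m: bytes.fromhex(m.replace("-", "").replace(":", ""))
    return (struct.pack("!HHBBH", ETH_HW_TYPE, IPV4_PROTO_TYPE, 6, 4, op)
            + mac(sender_mac) + ipaddress.IPv4Address(sender_ip).packed
            + mac(target_mac) + ipaddress.IPv4Address(target_ip).packed)


class ArpInspector:
    """Per-packet checks in the spirit of dynamic ARP inspection (DAI) and arpwatch."""

    def __init__(self, bindings: dict):
        self.bindings = dict(bindings)  # trusted IP -> MAC (static config or DHCP snooping)
        self.learned = {}               # IP -> MAC seen so far, for change alerts
        self.pending = set()            # IPs for which a REQUEST has been broadcast

    def inspect(self, payload: bytes) -> list:
        arp = parse_arp(payload)
        ip, mac, alerts = arp["sender_ip"], arp["sender_mac"], []
        # DAI: a sender claiming a bound IP with the wrong MAC is dropped at the switch
        if ip in self.bindings and self.bindings[ip] != mac:
            alerts.append(f"DAI drop: {ip} is bound to {self.bindings[ip]}, claimed by {mac}")
        # arpwatch: report whenever a learned IP-to-MAC mapping flips
        if ip in self.learned and self.learned[ip] != mac:
            alerts.append(f"mapping changed: {ip} was {self.learned[ip]}, now {mac}")
        self.learned[ip] = mac
        if arp["op"] == ARP_REQUEST:
            self.pending.add(arp["target_ip"])
        elif arp["op"] == ARP_REPLY:
            # a REPLY nobody asked for is the usual poisoning vehicle
            if ip not in self.pending:
                alerts.append(f"unsolicited reply from {mac} for {ip}")
            self.pending.discard(ip)
        return alerts


def demo() -> list:
    """Constructed scenario: gateway 10.0.0.1 is AA-..., host 10.0.0.2 is BB-...,
    then a third node CC-... answers for the gateway's address."""
    insp = ArpInspector({"10.0.0.1": "AA-AA-AA-AA-AA-AA"})
    packets = [
        build_arp(ARP_REQUEST, "BB-BB-BB-BB-BB-BB", "10.0.0.2", "00-00-00-00-00-00", "10.0.0.1"),
        build_arp(ARP_REPLY, "AA-AA-AA-AA-AA-AA", "10.0.0.1", "BB-BB-BB-BB-BB-BB", "10.0.0.2"),
        build_arp(ARP_REPLY, "CC-CC-CC-CC-CC-CC", "10.0.0.1", "BB-BB-BB-BB-BB-BB", "10.0.0.2"),
    ]
    return [insp.inspect(p) for p in packets]
```

The first two packets are the normal exchange from the ARP operation slide and raise nothing; the third raises all three alerts at once, which is what a DAI-capable switch would drop and arpwatch would mail about.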
Link Layer Security Attacks
• Background
• Attacks
– ARP attacks
– Wireless attacks
• Wireless security
Wireless Networks Geographic Scope
• Body area network – WBAN
• Personal area network – WPAN
• Local area network – WLAN
• Metropolitan area network – WMAN
• Wide area network – WWAN
Wireless Networks Protocol Examples
• Body area network – WBAN
– e.g. ?
• Personal area network – WPAN
– e.g. ?
• Local area network – WLAN
– e.g. ?
• Metropolitan area network – WMAN
– e.g. ?
• Wide area network – WWAN
– e.g. ?
Wireless Networks Protocol Examples
• Body area network – WBAN
– e.g.: wearable computing, sensor networks: IEEE 802.15.6
• Personal area network – WPAN
– e.g.: personal computing devices: IEEE 802.15
• Local area network – WLAN
– e.g.: coverage area of home or office: IEEE 802.11
• Metropolitan area network – WMAN
– e.g.: coverage area 10-20 km: IEEE 802.16
• Wide area network – WWAN
– e.g.: cellular telephony: CDMA, GSM
Security in Wireless Networks Attacks
• Node compromise
• Eavesdropping
• Privacy of data
• Denial of service attacks
• Malicious use of commodity networks
[CP2003]
Security in Wireless Networks Node Compromise
• Node compromise
– node physically captured by an adversary
– countermeasures:
• tamper-resistant hardware – expensive for defense
• node-to-node authentication in software
• erasable memory
• Eavesdropping
• Privacy of data
• Denial of service attacks
• Malicious use of commodity networks
Security in Wireless Networks Eavesdropping
• Node compromise
• Eavesdropping
– passive attack – easy due to open channel
– countermeasures:
• encryption – harder for large-scale sensor networks
• multipath routing – parts of message sent on different paths
• Privacy of data
• Denial of service attacks
• Malicious use of commodity networks
Security in Wireless Networks Privacy
• Node compromise
• Eavesdropping
• Privacy of data
– unauthorized access to information
– countermeasures:
• encryption
• access control
• reduction in data details – e.g. aggregation in sensor networks
• Denial of service attacks
• Malicious use of commodity networks
Security in Wireless Networks Denial of Service Attacks
• Node compromise
• Eavesdropping
• Privacy of data
• Denial of service attacks
– aims for network resource exhaustion
• Malicious use of commodity networks
DoS Attacks and Countermeasures Physical Layer
• Attacks:
– jamming
• simple
– battery exhaustion
• Countermeasures:
– spread spectrum techniques
– buffering during attack
• requires memory
– authentication
– use of alternative transmission during attack
• IR or optical
[WS2002]
DoS Attacks and Countermeasures Link Layer
• Attacks:
– collision, or corrupting frames so that checksums mismatch
– battery exhaustion by retransmissions
– unfairness
• Countermeasures:
– error correcting codes against collisions
• expensive; requires more bandwidth
– link layer admission control and rate limiting
– use of small frames against unfairness
[WS2002]
DoS Attacks and Countermeasures Network Layer
• Attacks:
– neglecting or greedy nodes
– misdirection of packets
– black holes partition the network
• by advertising zero-cost routes
• Countermeasures:
– authorization
– redundant messages
– multipath routing
– monitoring
– probing
[WS2002]
DoS Attacks and Countermeasures Transport Layer
• Attacks:
– flooding
• memory exhaustion for stateful connections
– desynchronization
• forged messages (e.g. control flags, sequence numbers) forcing retransmission
• Countermeasures:
– authentication
– limiting number of connections
– client puzzles
• computationally expensive
[WS2002]
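As an added example (not code from [WS2002] or the slides), here is a hash-based client puzzle of the kind listed above as a transport-layer countermeasure: the server issues a stateless challenge, the client must find a nonce whose hash carries DIFFICULTY_BITS leading zero bits, and the server verifies with one HMAC and one hash before committing any connection state. The HMAC-based challenge format, the 16-bit difficulty and the client identifiers are assumptions made for the demo.

```python
import hashlib
import hmac
import os
import struct
import time

DIFFICULTY_BITS = 16    # client work: about 2**16 hash evaluations per connection attempt
PUZZLE_LIFETIME = 30    # seconds a challenge stays valid, bounding replay of a solved puzzle


def leading_zero_bits(digest: bytes) -> int:
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def puzzle_hash(chal: bytes, nonce: int) -> bytes:
    return hashlib.sha256(chal + struct.pack("!Q", nonce)).digest()


class PuzzleServer:
    """Issues and checks puzzles without keeping per-client state (no memory to exhaust)."""

    def __init__(self, secret: bytes = None):
        self.secret = secret or os.urandom(32)  # known only to the server

    def challenge(self, client_id: str, now: float = None) -> bytes:
        """timestamp || HMAC(secret, client_id || timestamp): cheap to make, cheap to check."""
        ts = int(time.time() if now is None else now)
        tag = hmac.new(self.secret, f"{client_id}|{ts}".encode(), hashlib.sha256).digest()[:16]
        return struct.pack("!I", ts) + tag

    def verify(self, client_id: str, chal: bytes, nonce: int, now: float = None) -> bool:
        """Only after this returns True does the server allocate connection state."""
        if len(chal) != 20:
            return False
        ts = struct.unpack("!I", chal[:4])[0]
        age = (time.time() if now is None else now) - ts
        if not 0 <= age <= PUZZLE_LIFETIME:
            return False                       # expired or replayed challenge
        if not hmac.compare_digest(chal, self.challenge(client_id, ts)):
            return False                       # not issued by us, or issued to another client
        return leading_zero_bits(puzzle_hash(chal, nonce)) >= DIFFICULTY_BITS


def solve(chal: bytes) -> int:
    """Client side: brute-force the smallest valid nonce; cost scales as 2**DIFFICULTY_BITS."""
    nonce = 0
    while leading_zero_bits(puzzle_hash(chal, nonce)) < DIFFICULTY_BITS:
        nonce += 1
    return nonce


def demo() -> dict:
    """Constructed run with a fixed clock so the expiry check is deterministic."""
    server = PuzzleServer()
    chal = server.challenge("client-A", now=1_000_000)
    nonce = solve(chal)
    return {
        "accepted": server.verify("client-A", chal, nonce, now=1_000_010),
        "wrong_nonce": nonce > 0 and server.verify("client-A", chal, nonce - 1, now=1_000_010),
        "expired": server.verify("client-A", chal, nonce, now=1_000_100),
        "other_client": server.verify("client-B", chal, nonce, now=1_000_010),
    }
```

The asymmetry is the point: solving costs the client tens of thousands of hashes, while the server spends one HMAC and one hash per attempt and stores nothing until the puzzle is solved.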
Security in Wireless Networks Malicious Use of Commodity Networks
• Node compromise
• Eavesdropping
• Privacy of data
• Denial of service attacks
• Malicious use of commodity networks
– use of sensors for illegal purposes
• e.g. planting them in computers to extract data
– countermeasure:
• deployment of sensor networks to detect malicious activity
• this makes the attack expensive, but cannot fully prevent it
Link Layer Security Wireless Security
• Background
• Attacks
• Wireless security
Wireless Networks Geographic Scope
• Body area network – WBAN
• Personal area network – WPAN
• Local area network – WLAN
• Metropolitan area network – WMAN
• Wide area network – WWAN
WBAN Security Overview
• Body area network – WBAN
• WBANs are primarily for healthcare
• Novel applications:
– ubiquitous health monitoring (UHM)
– computer-assisted rehabilitation
– emergency medical response system (EMRS)
– promoting healthy lifestyles
• Privacy is the main concern
• Defense: encryption and access control to user data
WBAN Security Architecture
• 3 tier architecture [LLR2010]
WPAN Security Overview
• Personal area network – WPAN
• Short range, low power communications
– applications: portable computing devices, sensor networks
• Well-known technologies
– Bluetooth
• https://www.bluetooth.org
– ZigBee
• http://www.zigbee.org
– NFC (near field communications)
• http://www.nearfieldcommunication.org
• http://nfc-forum.org
WPAN Security Attacks and Defenses
• Highly susceptible to physical attacks
• Attacks on the MAC layer involve:
– collision
– exhaustion
– unfairness
• Attacker forces the node to perform a large number of tasks
– in order to deplete its battery
• IEEE 802.15.4 uses AES for encryption
WLAN Security Overview
• Local area network – WLAN
• 802.11 ≠ Wi-Fi
– Wi-Fi is interoperability certification
• Modes:
– infrastructure: STAtions communicate through APs
• AP: access point
– ad hoc mode: STAtions communicate directly
WLAN Security 802.11 Standards
• Latest standard is 802.11-2012 (linked on webpage)
– originally published in 1999
• 802.11a 5.8 GHz, 54 Mb/s
• 802.11b 2.4 GHz, 11 Mb/s
• 802.11g 2.4 GHz, 54 Mb/s
• 802.11e defines QoS
• 802.11i security enhancements
• 802.11n 20 MHz, 72 Mb/s, uses MIMO
WLAN Security Architecture
• Basic service set (BSS): single AP
• Distribution system (DS): connects multiple BSS
• Extended service set (ESS): union of multiple BSS
[802.11-2012]
WLAN Security Overview
• WEP – Wired Equivalent Privacy
– dealt with privacy aspects
– broken and deprecated, pre-RSN protocol
• 40-bit key
• WPA – Wi-Fi Protected Access
– developed by Wi-Fi alliance as a replacement to WEP
• RSN – Robust Security Network
– WPA-2 is the latest version
WLAN Security RSN Services and Protocols
• RSN employs various services and protocols
WLAN Security RSN Cryptographic Algorithms
• RSN employs various cryptographic algorithms
WLAN Security Phases of Operation
• Discovery
– STA associates with an AP, agrees upon protocols
• Authentication
– STA & AS (authentication server), proving identities
• Key management and distribution
– keys exchanged between STA and AP
• Protected data transfer between end points
– this is not an E2E secure connection
• Connection termination
– secure connection is torn down
WLAN Security Authentication Protocol
• Uses SAE – Simultaneous Authentication of Equals
• Password-based key exchange
– two entities that share a password
– wish to authenticate each other
– derive a strong, secret, and shared key
• Particularly for mesh networks
– 802.11s
• It is a peer-to-peer protocol with no asymmetry between the parties
WLAN Security Confidentiality and Integrity Protocols
• TKIP – Temporal Key Integrity Protocol
– interim solution to replace WEP without replacing hardware
– deprecated
• CCMP – CTR with CBC-MAC Protocol
– based on AES: 128-bit key and 128-bit block size
• BIP – Broadcast/Multicast Integrity Protocol
– based on AES: 128-bit key and 128-bit block size
WMAN Security Overview
• Metropolitan area network – WMAN
• Well-known technology is IEEE 802.16
• 802.16 ≠ WiMAX
– WiMAX provides compatibility and interoperability
• Primarily for last mile access
• Uses AES or DES
• Provides authentication, key exchange, encryption
WWAN Security Overview
• Wide area network – WWAN
• Mobile cellular telephony
– CDMA
• inherently hard to eavesdrop due to self noise
– GSM
• GSM phones have a SIM card
• Privacy is main threat for cellular networks
• Complex network administration
References and Further Reading
• [KPS2002] Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World, 2nd edition, Prentice Hall, 2002.
• [S2017] William Stallings, Cryptography and Network Security: Principles and Practice, 7th edition, Prentice Hall, 2017.
• [KR2017] James F. Kurose and Keith W. Ross, Computer Networking: A Top-Down Approach, 7th edition, Pearson, 2017.
• Some slides are adopted from “KU EECS 882 – Mobile Wireless Networking” class taught by Prof. James P.G. Sterbenz
• [DKB2005], [SMM+2006], [KW2003],
• [IEEE 802.11-2012]
• [BOR2003], [GH2003],
• [IEEE/ISO/IEC 8802-1X-2013],
• [CHAP: RFC 1994], [RADIUS: RFC 2865], [EAP: RFC 3748]
• [BOR2003] Danilo Bruschi, Alberto Ornaghi, and Emilia Rosti, “S-ARP: a Secure Address Resolution Protocol,” in Proceedings of the 19th Annual Computer Security Applications Conference (ACSAC), Las Vegas, NV, December 2003, pp. 66 – 74.
• [GH2003] Mohamed G. Gouda and Chin-Tser Huang, “A secure address resolution protocol,” Computer Networks, Volume 41, Issue 1, pp. 57 – 71, January 2003.
• [CP2003] Haowen Chan and Adrian Perrig, “Security and Privacy in Sensor Networks,” IEEE Computer, October 2003, pp. 103 – 105.
• [WS2002] Anthony D. Wood and John A. Stankovic, “Denial of Service in Sensor Networks,” IEEE Computer, October 2002, pp. 54 – 62.
• [PSW2004] Adrian Perrig, John A. Stankovic, David Wagner, “Security in Wireless Sensor Networks,” Communications of the ACM, June 2004, pp. 53 – 57.
• [LLR2010] Ming Li, Wenjing Lou, and Kui Ren, “Data Security and Privacy in Wireless Body Area Networks,” IEEE Wireless Communications, Volume 17, Issue 1, pp. 51 – 58, February 2010.
• https://tools.ietf.org/html/draft-daniel-6lowpan-security-analysis-05
• https://www.nsa.gov/ia/_files/factsheets/i732-016r-07.pdf
• [JW2004] David Johnston and Jesse Walker, “Overview of IEEE 802.16 Security,” IEEE Security & Privacy, Volume 2, Issue 3, pp. 40 – 48, 2004.
End of Foils