
MID-SESSION TEST AUTUMN SESSION 2012

SCHOOL OF COMPUTING, ENGINEERING & MATHEMATICS

STUDENT NAME:                    STUDENT NUMBER:
COURSE:
UNIT NAME: Network Security      UNIT NUMBER: 300143
TIME ALLOWED: ONE HOUR           TOTAL NUMBER OF PAGES: 3
NUMBER OF QUESTIONS: 9           LECTURER'S NAME: Hon Cheung

**************************************************

INSTRUCTIONS PLEASE READ CAREFULLY BEFORE PROCEEDING


1. Write CLEARLY your answers only in the answer booklet provided.
2. THIS IS A CLOSED BOOK TEST.
3. Attempt no more than TWO questions from each Group. A total of SIX questions should be attempted and all questions carry equal marks.
4. Calculators are permissible, but programmable/mobile-phone calculators are not allowed.
5. Write your name and student number on the top of this examination paper and on each answer booklet that you use.
6. Within a question, do not answer more than the number of required items, or only the first answered items will be marked.
7. e.g. If three methods are answered for "Describe two methods ...", only the first two will be marked.

DO NOT TAKE THIS PAPER or ANY ANSWERBOOK FROM THE EXAMINATION ROOM.
Page 1 of 10

The answers below were written for marking purposes, e.g. in point format. They should not be treated as sample answers. They are placed on vUWS for reference only. Delete answered questions in excess of SIX, or only the first six answered questions will be marked, according to Instruction 3.

Group 1.
Q1 An Ethernet local area network consists of two computers, Computer A and Computer B, and a router which is used to connect the network to the outside. Describe the steps which an attacker takes to perform an ARP Cache Poisoning attack from Computer A on Computer B to stop Computer B from communicating to the outside of the network. List the relevant contents of the ARP cache in Computer B during the attack. Explain briefly why the attack works.

Answer:

A diagram and the use of IP addresses are optional. A label such as IP_A may be used for the IP address of Computer A, and similarly MAC_A for the MAC address of the computer.

Steps: the attacker on Computer A sends an ARP packet (a request, or equally an unsolicited reply) onto the network with:
  o Sender IP address: IP_router
  o Sender MAC address: MAC_random (or MAC_not_Router)
and keeps re-sending the same packet at a regular interval, so that the poisoned entry is refreshed before it times out and the real router never gets to re-establish the correct mapping.

Relevant contents of Computer B's ARP cache during the attack: IP_router -> MAC_random (or MAC_not_Router)

Why the attack works: Computer B, like most hosts, updates its cache from the sender fields of any ARP packet it receives without verifying them. All Layer 2 traffic from Computer B to the router's IP address, IP_router, is therefore framed to the wrong MAC address, MAC_random (or MAC_not_Router), which no NIC on the segment answers to, so nothing B sends to the outside reaches the router.
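The following is an added example (not part of the test paper) that builds the spoofed ARP frame byte-for-byte and runs it against a simplified model of Computer B's ARP cache, to show the cache contents during the attack and why the attacker must keep re-sending. All addresses are constructed; the cache model assumes the common host behaviour of refreshing an entry from the sender fields of any ARP packet and expiring entries after a TTL.

```python
import struct

# Constructed addresses for the LAN in Q1 (IP_A/MAC_A etc. in the paper's notation).
IP_A, MAC_A = "192.168.1.10", "aa:aa:aa:aa:aa:aa"
IP_B, MAC_B = "192.168.1.20", "bb:bb:bb:bb:bb:bb"
IP_ROUTER, MAC_ROUTER = "192.168.1.1", "cc:cc:cc:cc:cc:cc"
MAC_RANDOM = "de:ad:be:ef:00:01"          # MAC_not_Router: no NIC on the LAN answers to it
BROADCAST, ZERO_MAC = "ff:ff:ff:ff:ff:ff", "00:00:00:00:00:00"
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def ip_bytes(ip):
    return bytes(int(o) for o in ip.split("."))


def build_arp_frame(op, sender_mac, sender_ip, target_mac, target_ip,
                    eth_src=None, eth_dst=BROADCAST):
    """Ethernet II frame carrying an RFC 826 ARP packet (42 bytes).

    The Ethernet source and the ARP 'sender hardware address' are separate fields:
    the attacker transmits from its own NIC (eth_src=MAC_A) but claims MAC_RANDOM
    as the sender hardware address for IP_ROUTER.
    """
    eth = mac_bytes(eth_dst) + mac_bytes(eth_src or sender_mac) + b"\x08\x06"
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    arp += mac_bytes(sender_mac) + ip_bytes(sender_ip)
    arp += mac_bytes(target_mac) + ip_bytes(target_ip)
    return eth + arp


def parse_arp(frame):
    """Return (op, sender_mac, sender_ip, target_ip) or None for non-ARP frames."""
    if frame[12:14] != b"\x08\x06":
        return None
    op = struct.unpack("!H", frame[20:22])[0]
    sender_mac = ":".join(f"{b:02x}" for b in frame[22:28])
    sender_ip = ".".join(str(b) for b in frame[28:32])
    target_ip = ".".join(str(b) for b in frame[38:42])
    return op, sender_mac, sender_ip, target_ip


class ArpCache:
    """Simplified host ARP cache (assumption): any ARP packet, request or reply,
    refreshes the entry for its sender IP, and entries expire after `ttl` seconds.
    This unauthenticated 'merge' behaviour is what the poisoning attack abuses."""

    def __init__(self, ttl):
        self.ttl, self.entries = ttl, {}

    def learn(self, frame, now):
        _, sender_mac, sender_ip, _ = parse_arp(frame)
        self.entries[sender_ip] = (sender_mac, now + self.ttl)

    def lookup(self, ip, now):
        mac, expiry = self.entries.get(ip, (None, 0))
        return mac if now < expiry else None


def simulate(poison_interval, ttl=60, duration=180, step=30):
    """Which MAC does Computer B put on frames for IP_ROUTER at each sample time?"""
    cache = ArpCache(ttl)
    legit = build_arp_frame(ARP_REPLY, MAC_ROUTER, IP_ROUTER, MAC_B, IP_B, eth_dst=MAC_B)
    poison = build_arp_frame(ARP_REQUEST, MAC_RANDOM, IP_ROUTER, ZERO_MAC, IP_B, eth_src=MAC_A)
    cache.learn(legit, 0)                      # B learned the real router earlier
    observed = []
    for t in range(0, duration, step):
        if poison_interval and t % poison_interval == 0:
            cache.learn(poison, t)             # attacker on Computer A re-sends the spoofed ARP
        mac = cache.lookup(IP_ROUTER, t)
        if mac is None:                        # entry expired: B re-ARPs and the real router answers
            cache.learn(legit, t)
            mac = MAC_ROUTER
        observed.append(mac)
    return observed
```

`simulate(30)` (re-poisoning faster than the 60 s TTL) leaves B sending every outbound frame to MAC_RANDOM; `simulate(90)` shows the mapping flipping back to MAC_ROUTER whenever the poisoned entry expires before the next spoofed packet arrives, which is why the answer specifies continuous re-sending.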


Q2

Describe how and why an attacker can make use of TCP SYN messages to perform a DoS attack on a remote server. Briefly discuss one method to protect a server from this attack.

Answer: A TCP SYN flood attack is carried out by an attacker who:
  - sends a SYN packet with a spoofed source IP address to a server computer,
  - but does not respond to the server's SYN-ACK reply, and
  - keeps repeating the above, possibly using a different spoofed IP address each time.

What makes the attack possible: a server must remember that it is waiting for the ACK from the client, i.e. it holds a half-open connection in a finite table (memory) until the connection completes or times out. If an attacker sends SYN packets to a server faster than the server removes timed-out half-open connections from that finite memory, the table fills and the server cannot accept any more TCP connection requests, including legitimate ones.

One of the following:
  - Filtering packets to reduce the number of obvious IP-spoofed packets entering and exiting your network, e.g.
    o drop incoming packets whose source IP address belongs to your internal network (ingress filtering), and
    o reject outgoing packets whose source IP address is not from your internal network (egress filtering), to prevent a source-IP spoofing attack from originating at your site.
  - SYN cookies or similar methods. These are based on keeping no state for a connection until the client proves it can receive the server's replies: instead of storing a half-open connection, the server encodes a cookie (a keyed hash of the connection's addresses and ports plus a coarse timestamp) as the initial sequence number of its SYN-ACK and remembers nothing. A client that actually received the SYN-ACK returns cookie+1 in the acknowledgement number of its final ACK; the server recomputes the cookie from the ACK's fields, checks that it matches, and only then allocates the connection. A host flooding from a spoofed IP address never sees the SYN-ACK, so it cannot produce a valid ACK, and because the server stores nothing per SYN there is no finite table to overflow. The method must be stateless in exactly this sense: the server does not need to remember the cookie it sent.
  - TCP intercept: a security device (firewall or router) completes the 3-way handshake with the external client on the server's behalf and validates the connection request. Only if the handshake completes successfully does the device perform a 3-way handshake with the internal server and then splice the two TCP connections together into a final TCP connection between the client and the server, so half-open connections from spoofed sources never reach the server.
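The following is an added example (not from the test paper) that models a server's half-open table and a SYN flood against it, then the same flood against a server using SYN cookies in the classic layout (5 bits of time slot, 3 bits of MSS index, 24 bits of keyed hash packed into the 32-bit ISN). The backlog size, timeout, secret and addresses are assumed values chosen for the demonstration.

```python
import hashlib
import hmac
import os
import struct

SERVER_IP = "192.0.2.10"                          # constructed addresses
SECRET = b"constructed-per-boot-server-secret"    # a real kernel rotates this secret
MSS_TABLE = [536, 1220, 1440, 1460]               # MSS recovered from 3 cookie bits


def ip(s):
    return bytes(int(o) for o in s.split("."))


def make_cookie(tuple4, client_isn, slot, mss_index):
    """32-bit server ISN: 5-bit time slot | 3-bit MSS index | 24-bit MAC over the 4-tuple.
    Nothing is stored on the server; the client must echo cookie+1 in its ACK."""
    slot &= 0x1F
    src_ip, src_port, dst_ip, dst_port = tuple4
    msg = struct.pack("!4sH4sHII", ip(src_ip), src_port, ip(dst_ip), dst_port, client_isn, slot)
    mac = int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")
    return (slot << 27) | ((mss_index & 0x7) << 24) | mac


def check_cookie(tuple4, client_isn, cookie, now_slot):
    """Recompute the cookie from the ACK's fields; valid only if fresh (this or previous slot)."""
    slot, mss_index = cookie >> 27, (cookie >> 24) & 0x7
    if (now_slot - slot) & 0x1F > 1:
        return None
    return MSS_TABLE[mss_index] if make_cookie(tuple4, client_isn, slot, mss_index) == cookie else None


class Server:
    BACKLOG, TIMEOUT = 128, 60     # finite half-open table and SYN timeout (assumed values)

    def __init__(self, syn_cookies):
        self.syn_cookies = syn_cookies
        self.half_open = {}        # tuple4 -> (server ISN, time created): the finite memory
        self.established = set()

    def on_syn(self, tuple4, client_isn, now):
        """Return the ISN carried in the SYN-ACK, or None when the SYN must be dropped."""
        if self.syn_cookies:
            return make_cookie(tuple4, client_isn, now // 64, 3)   # no state kept
        self.half_open = {k: v for k, v in self.half_open.items() if now - v[1] < self.TIMEOUT}
        if len(self.half_open) >= self.BACKLOG:
            return None                                             # table full: SYN dropped
        isn = int.from_bytes(os.urandom(4), "big")
        self.half_open[tuple4] = (isn, now)
        return isn

    def on_ack(self, tuple4, seq, ack, now):
        """Final handshake ACK: seq = client ISN + 1, ack = server ISN + 1."""
        if self.syn_cookies:
            ok = check_cookie(tuple4, seq - 1, (ack - 1) & 0xFFFFFFFF, now // 64) is not None
        else:
            entry = self.half_open.pop(tuple4, None)
            ok = entry is not None and (entry[0] + 1) & 0xFFFFFFFF == ack
        if ok:
            self.established.add(tuple4)
        return ok


def syn_flood(server, count, now=0):
    """Spoofed SYNs whose source addresses never answer the SYN-ACK."""
    for i in range(count):
        server.on_syn((f"203.0.113.{i % 250 + 1}", 40000 + i, SERVER_IP, 80), 1000 + i, now)


def legit_connect(server, now=1):
    """A real client completing the handshake right after the flood."""
    t4, client_isn = ("198.51.100.7", 51515, SERVER_IP, 80), 777
    server_isn = server.on_syn(t4, client_isn, now)
    if server_isn is None:
        return False
    return server.on_ack(t4, client_isn + 1, (server_isn + 1) & 0xFFFFFFFF, now)


def forged_ack(server, now=1):
    """Attacker who never saw the SYN-ACK guessing the ACK: one MAC bit wrong."""
    t4, client_isn = ("203.0.113.99", 4242, SERVER_IP, 80), 555
    server_isn = server.on_syn(t4, client_isn, now)
    return server.on_ack(t4, client_isn + 1, ((server_isn ^ 1) + 1) & 0xFFFFFFFF, now)
```

With the stateful server, 200 spoofed SYNs fill the 128-entry table and the legitimate client's SYN is dropped; with cookies the table stays empty, the legitimate client connects, and an ACK whose cookie does not recompute is rejected without any allocation.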


Q3

Draw a network diagram and describe, in detail, the Smurf attack which makes use of ICMP packets. The diagram should show the paths of the attacking ICMP packets.

Answer:

Diagram showing:
  - the attacking computer on one network sending ICMP echo request packets to a remote network's broadcast address
  - the remote network's router broadcasting the packets to a number of computers on that network
  - the remote network's computers returning ICMP echo replies to the victim computer

The "smurf" attack: an attacker sends a large number of ICMP echo requests (pings) to the broadcast addresses of a large number of networks, all of them carrying the spoofed source address of the target computer. If the networks (i.e. their routers) forward the directed broadcasts to their hosts, every host replies to the spoofed source, and the ICMP echo replies from all the broadcast hosts overwhelm the target's connection bandwidth. Each request is amplified by the number of responding hosts on the broadcast segment, so the attacker needs far less bandwidth than the victim ends up receiving.
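The following is an added example (not from the test paper) that models the amplifier network, the router's directed-broadcast decision and the hosts' replies, so the amplification and the two standard countermeasures (routers dropping directed broadcasts, as RFC 2644 made the default, and hosts not answering broadcast pings, the Linux `net.ipv4.icmp_echo_ignore_broadcasts` behaviour) can be compared. The topology and the 50 responding hosts are constructed.

```python
import ipaddress

# Constructed topology: the victim, and one "amplifier" network with 50 hosts that answer pings.
VICTIM = "198.51.100.9"
AMPLIFIER_NET = ipaddress.ip_network("192.0.2.0/24")
AMPLIFIER_HOSTS = [str(h) for h in list(AMPLIFIER_NET.hosts())[:50]]


def is_directed_broadcast(dst, net):
    """A packet from outside addressed to the subnet's broadcast address (192.0.2.255 here)."""
    return ipaddress.ip_address(dst) == net.broadcast_address


def router_deliver(pkt, net, hosts, directed_broadcast):
    """Hosts on `net` that receive `pkt`. With directed broadcasts disabled (the RFC 2644
    default) the router drops packets addressed to the subnet broadcast address."""
    if is_directed_broadcast(pkt["dst"], net):
        return list(hosts) if directed_broadcast else []
    return [pkt["dst"]] if ipaddress.ip_address(pkt["dst"]) in net else []


def host_reply(host, pkt, ignore_broadcast_echo):
    """An ICMP echo reply goes to the packet's (spoofed) source address. A host configured
    to ignore broadcast echo requests produces no reply to a broadcast ping."""
    if pkt["type"] != "echo-request":
        return None
    if ignore_broadcast_echo and is_directed_broadcast(pkt["dst"], AMPLIFIER_NET):
        return None
    return {"src": host, "dst": pkt["src"], "type": "echo-reply"}


def smurf(n_requests, directed_broadcast=True, ignore_broadcast_echo=False):
    """Attacker sends n_requests pings to the broadcast address with the victim as source.
    Returns (packets the attacker sent, replies that reach the victim)."""
    attack = [{"src": VICTIM, "dst": str(AMPLIFIER_NET.broadcast_address), "type": "echo-request"}
              for _ in range(n_requests)]
    to_victim = 0
    for pkt in attack:
        for host in router_deliver(pkt, AMPLIFIER_NET, AMPLIFIER_HOSTS, directed_broadcast):
            reply = host_reply(host, pkt, ignore_broadcast_echo)
            if reply and reply["dst"] == VICTIM:
                to_victim += 1
    return n_requests, to_victim
```

Ten attacker packets become 500 replies at the victim (an amplification factor equal to the number of responding hosts); either countermeasure alone reduces that to zero, and a border filter using `is_directed_broadcast` on inbound echo requests is the check a router applies.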


Group 2.
Q4. (a) For the ECB (Electronic CodeBook) mode of operation of a block cipher, describe two security attacks that the ciphertext blocks produced by this mode of operation are vulnerable to and briefly explain why. Note that two attacks of a similar nature will be counted as one.

(b) For the CBC (Cipher Block Chaining) mode of operation, draw a block diagram showing the decryption of ciphertext block i, and describe how CBC overcomes the above disadvantages of ECB.

Answer:

(a) Two of the following:
  - Pattern leakage / easier cryptanalysis: under ECB, identical plaintext blocks encrypted with the same key produce identical ciphertext blocks, so repetitions and structure in the plaintext are visible in the ciphertext stream, and an attacker who learns the plaintext of one block can recognise (or substitute) it wherever it recurs.
  - Re-ordering attack: ciphertext blocks may be swapped within the same ciphertext stream; each block still decrypts correctly on its own, so the receiver obtains the plaintext blocks in the attacker's order.
  - Replay attack: an attacker who has stored previous ciphertext blocks may use them to replace some of the ciphertext blocks in the current ciphertext stream, provided the same key used in the previous communication is used again in the current communication.

(b) Decryption of block i: P_i = D_K(C_i) XOR C_{i-1}, with C_0 = IV (the diagram shows C_i entering the decryption box and its output XORed with C_{i-1} to give P_i). The ciphertext blocks are thus linked together: a swapped or replayed block C_i no longer sits after the C_{i-1} it was chained to, so it, and the block following it, decrypt to garbage, which defeats re-ordering and replay attacks. In addition, CBC randomises the input plaintext block by XORing it with the previous ciphertext block, so identical plaintext blocks produce different ciphertext blocks and the patterns that make ECB easier to cryptanalyse are hidden.
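The following is an added example (not from the test paper) that implements ECB and CBC over a toy 8-byte block cipher (a keyed byte substitution plus rotation, standing in for AES/DES only so the code runs without third-party libraries; it is not secure) and runs the pattern-leakage and re-ordering attacks from part (a) against both modes. The key, IV and "transaction" plaintext are constructed.

```python
import random

BLOCK = 8
KEY = b"\x13\x37\xc0\xff\xee\x42\x99\x01"     # constructed 8-byte key
IV = b"\x00\x11\x22\x33\x44\x55\x66\x77"      # constructed IV


def make_toy_cipher(key):
    """Keyed byte substitution + byte rotation: a bijection on 8-byte blocks used only
    as a stand-in for a real block cipher (ASSUMPTION: toy, NOT secure)."""
    rng = random.Random(int.from_bytes(key, "big"))
    sbox = list(range(256))
    rng.shuffle(sbox)
    inv = [0] * 256
    for i, v in enumerate(sbox):
        inv[v] = i

    def enc(block):
        s = bytes(sbox[x] ^ k for x, k in zip(block, key))
        return s[3:] + s[:3]

    def dec(block):
        s = block[-3:] + block[:-3]
        return bytes(inv[x ^ k] for x, k in zip(s, key))

    return enc, dec


def blocks(data):
    assert len(data) % BLOCK == 0, "no padding in this example"
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def ecb_encrypt(enc, pt):
    return b"".join(enc(p) for p in blocks(pt))        # C_i = E_K(P_i), each block independent


def ecb_decrypt(dec, ct):
    return b"".join(dec(c) for c in blocks(ct))


def cbc_encrypt(enc, iv, pt):
    out, prev = [], iv
    for p in blocks(pt):
        prev = enc(xor(p, prev))                       # C_i = E_K(P_i XOR C_{i-1}), C_0 = IV
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(dec, iv, ct):
    out, prev = [], iv
    for c in blocks(ct):
        out.append(xor(dec(c), prev))                  # P_i = D_K(C_i) XOR C_{i-1}
        prev = c
    return b"".join(out)


def swap_blocks(ct, i, j):
    bs = blocks(ct)
    bs[i], bs[j] = bs[j], bs[i]
    return b"".join(bs)


# Constructed "transaction" plaintext: four 8-byte fields, two of them amounts.
PLAINTEXT = b"AMT=0100" b"TO=ALICE" b"AMT=9000" b"TO=MALLO"
REPEATED = b"SAMEBLOK" * 3


def ecb_leaks_pattern(enc):
    """(ECB: identical plaintext blocks give identical ciphertext blocks, CBC: they do not)."""
    ecb, cbc = blocks(ecb_encrypt(enc, REPEATED)), blocks(cbc_encrypt(enc, IV, REPEATED))
    return ecb[0] == ecb[1] == ecb[2], cbc[0] == cbc[1]


def reorder_attack(enc, dec):
    """Swap ciphertext blocks 0 and 2 in transit; return what the receiver decrypts under each mode."""
    ecb_result = ecb_decrypt(dec, swap_blocks(ecb_encrypt(enc, PLAINTEXT), 0, 2))
    cbc_result = cbc_decrypt(dec, IV, swap_blocks(cbc_encrypt(enc, IV, PLAINTEXT), 0, 2))
    return ecb_result, cbc_result
```

Under ECB the swapped ciphertext decrypts to a perfectly well-formed message with the amounts exchanged; under CBC the same swap yields garbage at the swapped positions and the block after each, because the C_{i-1} term of the decryption equation no longer matches.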


Q5. Assuming that Alice and Bob have the necessary public and private keys to perform the following: list the five messages that Alice and Bob exchange in order for Bob to authenticate himself to Alice, by using his private key, KPrivateBob, to decrypt and so prove that he is the owner of the private key, and for Alice to authenticate herself to Bob by using a shared secret, KAB, with Bob.

Answer:

Two one-sided end-entity authentications (Bob to Alice with his key pair, Alice to Bob with the shared secret) are combined by dropping the second hello message, which Alice would otherwise send to Bob, to produce the five-message mutual authentication:

Message 1: Bob sends a hello to Alice.
Message 2: Alice sends Bob encrypt(KPublicBob, NAlice).
Message 3: Bob sends NAlice to Alice (only the holder of KPrivateBob can recover it).
Message 4: Bob sends Alice NBob.
Message 5: Alice sends hash(KAB, NBob) to Bob (only a party knowing KAB can compute it).


Q6. A message M is to be sent over the Internet to a remote computer. Describe, in detail, how a digital signature is used to protect the message's integrity and authenticity. Note: in your answer, how the method is able to provide authenticity and integrity protection needs to be explained.

Answer: Assume the sender is Alice and the receiver is Bob.

Alice: hashes M to produce H.
Alice: encrypts H with her private key to produce the digital signature, i.e. encrypt(KPrivateAlice, H).
Alice: sends M and encrypt(KPrivateAlice, H) to Bob.
Bob: hashes the received M to produce H'.
Bob: decrypts encrypt(KPrivateAlice, H) with Alice's public key to get H.
Bob: compares H' to H.

If they are the same, M has not been modified (integrity), because any change to M would change H' and an attacker cannot find another message with the same hash; and M is from Alice (authenticity), because only the holder of KPrivateAlice could have produced a signature that decrypts correctly with KPublicAlice.
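The following is an added example (not from the test paper) that runs both the five-message mutual authentication of Q5 and the sign/verify procedure of Q6 end to end, including the failure cases the marking answers rely on: an impostor without KPrivateBob, a party without KAB, a modified M and a signature made under the wrong key. It uses textbook RSA over ~60-bit moduli so that it needs no third-party library; the primes, nonces and shared secret are constructed, the moduli are far too small for real use, and hash(KAB, NBob) is realised as HMAC-SHA256.

```python
import hashlib
import hmac

# Toy textbook RSA (ASSUMPTION: demonstration only; these primes are far too small for real keys).
BOB_PRIMES = (1000000007, 998244353)
ALICE_PRIMES = (1000000009, 167772161)
IMPOSTOR_PRIMES = ALICE_PRIMES        # someone who is not Bob and so does not hold KPrivateBob


def rsa_keypair(p, q, e=65537):
    """Return ((n, e), (n, d)) = (public key, private key)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))


def public_op(pub, x):       # encrypt(KPublic, x) / decrypt a signature with KPublic
    n, e = pub
    return pow(x, e, n)


def private_op(priv, x):     # decrypt(KPrivate, x) / encrypt(KPrivate, H) for signing
    n, d = priv
    return pow(x, d, n)


def keyed_hash(k_ab, nonce):
    """hash(KAB, NBob) from Q5, realised as HMAC-SHA256 over the nonce."""
    return hmac.new(k_ab, nonce.to_bytes(8, "big"), hashlib.sha256).digest()


def mutual_authentication(bob_pub, bob_priv, k_ab_alice, k_ab_bob, n_alice, n_bob):
    """The five-message run from Q5. bob_priv is whatever key the party claiming to be Bob
    holds; k_ab_alice is whatever the party claiming to be Alice knows.
    Returns (Alice accepts Bob, Bob accepts Alice, transcript)."""
    t = [("Bob->Alice", "hello")]                               # Message 1
    c = public_op(bob_pub, n_alice)
    t.append(("Alice->Bob", c))                                 # Message 2: encrypt(KPublicBob, NAlice)
    recovered = private_op(bob_priv, c)
    t.append(("Bob->Alice", recovered))                         # Message 3: NAlice, needs KPrivateBob
    alice_accepts = recovered == n_alice
    t.append(("Bob->Alice", n_bob))                             # Message 4: NBob (Alice's hello dropped)
    proof = keyed_hash(k_ab_alice, n_bob)
    t.append(("Alice->Bob", proof))                             # Message 5: hash(KAB, NBob)
    bob_accepts = hmac.compare_digest(proof, keyed_hash(k_ab_bob, n_bob))
    return alice_accepts, bob_accepts, t


def digest(msg):
    """H = hash(M), truncated to 56 bits so that H < n for the toy moduli (ASSUMPTION)."""
    return int.from_bytes(hashlib.sha256(msg).digest()[:7], "big")


def sign(priv, msg):
    """Q6, sender side: encrypt(KPrivateAlice, H)."""
    return private_op(priv, digest(msg))


def verify(pub, msg, sig):
    """Q6, receiver side: H' = hash(M) must equal decrypt(KPublicAlice, signature)."""
    return public_op(pub, sig) == digest(msg)
```

Message 3 is the only step that requires KPrivateBob, and Message 5 the only one that requires KAB, which is why each side's acceptance check sits exactly there.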


Group 3.
Q7. List five security services that IPsec provides, and briefly (i.e. in no more than one sentence for each security service) describe what IPsec uses to provide the security services.

Answer: Any five of the following.
  - Access control
    o Traffic selectors (in the security policy database)
    o Allow or reject access to the IPsec-secured communication channel or the system protected by IPsec
  - Connectionless integrity
    o ESP (or AH) authentication
    o Protects against modification of individual IP packets
  - Data origin authentication
    o ESP (or AH) authentication, keyed with a secret known only to the two SA endpoints
  - Rejection of replayed packets
    o Anti-replay window
    o Only protects against replay attacks within a window or time period
  - Confidentiality
    o ESP encryption
  - Limited traffic flow confidentiality
    o ESP encryption in tunnel mode (the inner addresses are hidden)
    o Limited protection against traffic analysis


Q8. Shown below is a block diagram of the format of an IPv4 datagram:

  | IP Header | IP Payload |

(a) Draw a block diagram to show the new format after IPsec ESP encryption is applied to an IPv4 datagram in Tunnel Mode.

(b) The IPsec ESP-processed IPv4 datagram obtained in (a) above is then further processed by IPsec ESP authentication in Transport Mode. Draw another block diagram to show the final format. The scopes of the ESP encryption and ESP authentication must be shown in the diagram for (b).

Answer:

(a) [block diagram not reproduced in this copy]

(b) [block diagram not reproduced in this copy]
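The following is an added example (not from the test paper) that constructs the Q8 packet byte by byte using the RFC 4303 ESP layout (SPI, sequence number, payload, padding, pad length, next header, ICV), first wrapping the original datagram in tunnel mode with encryption (next header = 4, IP-in-IP) and then wrapping that in transport mode with authentication only (a second ESP header after the outer IP header, next header = 50), and reports the resulting layout with the scope of each transform. The receiving side verifies the ICV before decrypting. Addresses, SPIs and keys are constructed; the confidentiality transform is a toy SHA-256 keystream standing in for the real ESP cipher, while the ICV is a real HMAC-SHA-256-128.

```python
import hashlib
import hmac
import struct

ESP, IPV4_IN_IP, TCP = 50, 4, 6          # IP protocol numbers
ENC_KEY, AUTH_KEY = b"constructed-enc-key", b"constructed-auth-key"
SPI_A, SPI_B = 0x1000A, 0x1000B          # SA for (a) encryption, SA for (b) authentication
PAYLOAD = b"GET / HTTP/1.0\r\n\r\n"      # constructed IP payload


def ip(s):
    return bytes(int(o) for o in s.split("."))


def checksum(data):
    if len(data) % 2:
        data += b"\0"
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return (~s) & 0xFFFF


def ipv4_header(src, dst, proto, total_len):
    """Minimal 20-byte IPv4 header without options."""
    h = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, proto, 0, ip(src), ip(dst))
    return h[:10] + struct.pack("!H", checksum(h)) + h[12:]


def keystream_xor(key, data):
    """Toy confidentiality transform (ASSUMPTION): SHA-256 counter keystream, not a real ESP cipher."""
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hashlib.sha256(key + struct.pack("!I", i // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], ks))
    return bytes(out)


def esp_wrap(spi, seq, payload, next_header, enc_key=None, auth_key=None):
    """RFC 4303 layout: SPI|Seq | payload | padding|pad len|next header | ICV.
    Encryption covers payload + trailer; the ICV covers SPI|Seq + (encrypted) payload + trailer."""
    pad_len = (-(len(payload) + 2)) % 4                 # pad len/next header end on a 4-byte boundary
    body = payload + bytes(range(1, pad_len + 1)) + bytes([pad_len, next_header])
    if enc_key:
        body = keystream_xor(enc_key, body)
    pkt = struct.pack("!II", spi, seq) + body
    icv = hmac.new(auth_key, pkt, hashlib.sha256).digest()[:16] if auth_key else b""
    return pkt + icv


def esp_unwrap(pkt, enc_key=None, auth_key=None):
    """Reverse of esp_wrap; returns (payload, next_header) or raises ValueError on a bad ICV."""
    if auth_key:
        pkt, icv = pkt[:-16], pkt[-16:]
        if not hmac.compare_digest(icv, hmac.new(auth_key, pkt, hashlib.sha256).digest()[:16]):
            raise ValueError("ESP ICV check failed")
    body = pkt[8:]
    if enc_key:
        body = keystream_xor(enc_key, body)
    pad_len, next_header = body[-2], body[-1]
    return body[:-(pad_len + 2)], next_header


def q8_datagram():
    """Build the Q8 packet; return (bytes, original inner datagram, layout as (field, length))."""
    inner = ipv4_header("10.0.0.5", "10.0.1.7", TCP, 20 + len(PAYLOAD)) + PAYLOAD
    # (a) tunnel mode with encryption: the whole original datagram is the ESP payload, next header = 4
    esp_a = esp_wrap(SPI_A, 1, inner, IPV4_IN_IP, enc_key=ENC_KEY)
    # (b) transport mode with authentication only, applied to (a): a second ESP header goes between
    # the outer IP header and the packet from (a); its next header = 50 (ESP)
    esp_b = esp_wrap(SPI_B, 1, esp_a, ESP, auth_key=AUTH_KEY)
    outer = ipv4_header("203.0.113.1", "198.51.100.1", ESP, 20 + len(esp_b))
    layout = [("outer IP header", 20), ("ESP header (b)", 8), ("ESP header (a)", 8),
              ("encrypted (a): inner IP header + payload + ESP trailer (a)", len(esp_a) - 8),
              ("ESP trailer (b)", len(esp_b) - 16 - len(esp_a) - 8), ("ICV (b)", 16)]
    return outer + esp_b, inner, layout


def q8_receive(pkt):
    """Receiving gateway: verify and strip (b), then decrypt (a); returns the original datagram."""
    assert pkt[9] == ESP                                    # outer IP protocol field
    esp_a, nh = esp_unwrap(pkt[20:], auth_key=AUTH_KEY)
    assert nh == ESP
    inner, nh = esp_unwrap(esp_a, enc_key=ENC_KEY)
    assert nh == IPV4_IN_IP
    return inner


def icv_rejects_modification(pkt, offset):
    """Flip one bit inside the authenticated region; (b) must reject it before (a) is decrypted."""
    t = bytearray(pkt)
    t[offset] ^= 1
    try:
        q8_receive(bytes(t))
        return False
    except ValueError:
        return True
```

The `layout` list is the diagram for (b) in text form: the authentication scope of (b) runs from "ESP header (b)" through "ESP trailer (b)", and the encryption scope of (a) is exactly the "encrypted (a)" field; the outer IP header lies outside both.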


Q9. (a) Given that the current anti-replay window used by IPsec to detect replayed packets spans from 100 to 400, and the next 3 incoming packets have the following sequence numbers, respectively:
  1) 95
  2) 300
  3) 420
for each of the above cases, describe what the receiver will do with the packet and what the parameters of the window will be after that.

(b) If the current span of the window is from 2^32 - 301 to 2^32 - 1, describe what possible action IPsec will take next and explain why the action needs to be taken.

Answer:

(a)
  1) 95 < 100: the packet is rejected; it is older than the window, so the receiver can no longer tell whether it has been seen before. The position of the window, i.e. the parameters 100 and 400, remains the same.
  2) 100 <= 300 <= 400: the packet is accepted, provided its integrity check passes and sequence number 300 has not already been received (a duplicate inside the window is rejected as a replay). The position of the window remains unchanged.
  3) 420 > 400: the packet is accepted, and the window is advanced to span from 120 to 420.

(b) The sequence counter at the sender (and the receiver) is about to overflow the 32-bit sequence number. If it were allowed to wrap, most incoming packets would have sequence numbers less than 2^32 - 301 and would therefore be rejected as being below the window, even though they are legitimate. The most straightforward solution is for IPsec to terminate the current IPsec SA and negotiate another IPsec SA (re-keying, e.g. through IKE). The new IPsec SA has its sequence number counting from 0 again and its window starts moving from the beginning position.
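The following is an added example (not from the test paper) that implements the receiver's sliding anti-replay window and the sender's sequence counter and runs the exact cases of Q9: packets 95, 300 and 420 against a 100..400 window, a replayed 300, and the counter at 2^32 - 1 with the window at 2^32 - 301 .. 2^32 - 1. The model assumes the ICV has already been verified before the window is consulted (as RFC 4303 requires) and uses a set instead of the usual bitmap so the logic stays readable; the width of the fresh window on the new SA is an assumed value.

```python
MAX_SEQ = 2**32 - 1       # 32-bit ESP sequence number (RFC 4303 without extended sequence numbers)


class AntiReplayWindow:
    """Receiver-side sliding window over accepted sequence numbers, inclusive span [low, high].
    ASSUMPTION: the packet's ICV has already been verified; a real implementation keeps a bitmap."""

    def __init__(self, low, high):
        self.low, self.high, self.seen = low, high, set()
        self.width = high - low

    def receive(self, seq):
        if seq < self.low:
            return "rejected: below window"             # too old to be checked for replay
        if seq <= self.high:
            if seq in self.seen:
                return "rejected: replay"               # duplicate inside the window
            self.seen.add(seq)
            return "accepted"                           # window unchanged
        self.high, self.low = seq, seq - self.width     # new maximum: slide the window right
        self.seen = {s for s in self.seen if s >= self.low} | {seq}
        return "accepted, window advanced"

    def span(self):
        return (self.low, self.high)


class SequenceCounter:
    """Sender-side counter; RFC 4303 forbids wrapping it, so the SA must be re-keyed instead."""

    def __init__(self, value=0):
        self.value = value

    def next(self):
        if self.value >= MAX_SEQ:
            return None                                 # signal: negotiate a new SA before sending
        self.value += 1
        return self.value


def part_a():
    """Window 100..400, packets 95, 300, 420: (result, window span after the packet) for each."""
    w = AntiReplayWindow(100, 400)
    return [(w.receive(s), w.span()) for s in (95, 300, 420)]


def part_b():
    """Window at 2^32-301 .. 2^32-1 and the sender's counter at its maximum."""
    w, c = AntiReplayWindow(2**32 - 301, 2**32 - 1), SequenceCounter(MAX_SEQ)
    result = {"sender_next": c.next()}                  # None: the counter would overflow
    result["wrapped_packet"] = w.receive(1)             # a wrapped sequence number would be dropped
    c, w = SequenceCounter(0), AntiReplayWindow(0, 300)  # new SA: counter and window restart (width assumed)
    result["first_on_new_sa"] = w.receive(c.next())
    return result
```

`part_a()` reproduces the three outcomes in the answer, including the advance to 120..420, and `part_b()` shows both halves of the argument: the sender has no valid next number, and any packet that did wrap would fall below the window and be rejected.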

*** End of Mid-Session Test ***

