Collaborative Research: CNS Core: Small: Internet-Scale Measurement of TCP/IP Implementation Weaknesses

合作研究：CNS 核心：小型：TCP/IP 实施弱点的互联网规模测量

• 批准号: 2007741
• 负责人: Jedidiah Crandall
• 金额: $ 22.5万
• 依托单位: Arizona State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2020
• 资助国家: 美国
• 起止时间: 2020-10-01 至 2023-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2007741&HistoricalAwards=false
• 关键词: Collaborative; Research; CNS; Core; Small

This project will uncover network protocol implementations that are common on the Internet and are susceptible to side channel attacks. This can have serious security implications for applications such as Virtual Private Networks (VPNs) and Domain Validation ((DV), that proves an organization owns an Internet domain such as www.example.com before issuing a certificate that the organization can present to web browsers as authentication). A side channel is a mechanism where information flows where it was not intended to flow according to the design of a system. An analogy might be a foreign government counting the number of pizza deliveries to the Pentagon and inferring last-minute planning for a big event when the number of pizzas increases sharply. In other contexts, side channels have led to fundamental breakdowns in the basic security mechanisms that separate processes in an operating system (see Meltdown and Spectre, which are vulnerabilities in the way computers enforce the most basic separation of security contexts), and have been used to crack even then strongest cryptography. The TCP and IP protocols lay the foundation for the Internet, but are known to be susceptible to side channels if certain requirements are not met. Requests for Comments (RFCs), (the documents that develop and define Internet standards) describe how, for example, certain numbers must be chosen in an unpredictable manner, or limiting the rate at which packets are sent must be applied in a specific way, in order to mitigate the effects of TCP/IP side channels. Failure to follow these RFCs undermines the most basic assumption of Internet security: that in order for an attacker to infer the existence of, interfere with, or inject their own data into a communication the attacker must control a part of the network in between the two parties that are communicating.Violating this basic assumption can be devastating for Internet users that are acting in the U.S.'s interest, such as journalists, activists, and non-governmental organizations (NGOs) overseas that use tunneling of some kind to bypass Internet controls in their own country. A major technical challenge that the project will address is to explore the astronomically large number of possibilities for how sequences of probes sent by researchers might result in predictable patterns in the responses given by different Internet hosts. Predictable patterns indicate a vulnerability because the security model assumes an attacker will not be able to guess the numbers that protocols use for sequencing and other purposes.This project combines expertise in network security and data mining to search the Internet for patterns where there should be none. Through a combination of carefully designed experiments to measure how Internet hosts respond to different combinations of probes, temporal data mining to uncover patterns, and an infrastructure for measuring the entire Internet longitudinally, the project will reveal how custom network stacks have created a situation where a significant fraction of Internet servers do not protect against side channel attacks. These custom TCP/IP implementations are commonly developed for the cloud, "middleboxes" such as load balancers and firewalls, and the Internet of Things. The proposed work will address this situation through the ethical disclosure process, engaging Internet standards bodies, and educating researchers and users about these threats. Educational activities and outreach will leverage the unique population of the Southwestern U.S. and the expertise of the PIs to support diversification of the field and workforce development.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

该项目将发现Internet上常见的网络协议实现，并且容易受到侧渠道攻击的影响。 这可能对诸如虚拟专用网络（VPN）和域验证等应用程序具有严重的安全性影响（（DV），该应用程序证明了组织拥有诸如www.example.com之类的Internet域，然后才发布该组织可以向Web浏览器呈现的证书作为身份验证）。 侧通道是一种机制，其中信息不打算根据系统的设计流动。 一个类比可能是外国政府，计算五角大楼的比萨饼数量，并推断出比萨饼的最后一分钟计划，当时比萨饼数量急剧增加。 在其他情况下，侧渠道导致在操作系统中分开过程的基本安全机制中的根本分解（请参阅Meltdown和Spectre，它们以计算机执行最基本的安全环境分离的方式），即使在那时则可以破解最强的密码。 TCP和IP协议为Internet奠定了基础，但已知如果不满足某些要求，则容易受到侧渠道的影响。 评论请求（RFC），（开发和定义Internet标准的文档）描述了如何以不可预测的方式选择某些数字，或限制必须以特定方式发送数据包的速率，以减轻TCP/IP侧通道的影响。 未能遵循这些RFC会破坏互联网安全的最基本假设：为了使攻击者推断，干扰，干扰或注入他们自己的数据中的数据，攻击者必须控制攻击者的一部分网络，而在两个方面进行交流的两方，这一基本假设可能会使互联网对互联网的利​​益摧毁美国的利益，而不是像美国那样的企业，例如，不及时的组织，例如，估计及其派遣者，及其杂志（Ockerts），这是一个新闻工作者，而这是一个新闻工作者，而这是一个新闻工作者，而这是一个新闻工作者，而这是一个新闻工作者，而这是一个新闻工作者（and）。这种利用某种隧道绕过自己国家的互联网控制。 该项目将要解决的一个重大技术挑战是探索研究人员发送的探针序列如何导致不同互联网主机给出的响应中可预测的模式的序列。 可预测的模式表示漏洞，因为安全模型假设攻击者将无法猜测协议用于测序和其他目的的数字。此项目结合了网络安全性和数据挖掘方面的专业知识，以搜索Internet，以获取不应存在的模式。 通过精心设计的实验的组合，以测量互联网主机如何响应探针的不同组合，时间数据挖掘以发现模式，以及用于纵向范围内测量整个Internet的基础架构，该项目将如何揭示Internet互联网服务器的大量部分无法保护侧频道攻击的情况。 这些自定义的TCP/IP实现通常是为云开发的，例如“ Middlebox”，例如负载平衡器和防火墙，以及物联网。 拟议的工作将通过道德披露过程来解决这种情况，吸引互联网标准机构，并向研究人员和用户了解这些威胁。 教育活动和外展活动将利用美国西南部的独特人群以及PI的专业知识来支持该领域和劳动力发展的多样化。该奖项反映了NSF的法定任务，并被认为是值得通过基金会的知识分子优点和更广泛影响的审查标准通过评估来获得支持的。

项目成果

Blind In/On-Path Attacks and Applications to VPNs

• 发表时间: 2021
• 作者: William J. Tolley;Beau Kujath;Mohammad Taha Khan;Narseo Vallina-Rodriguez;Jedidiah R. Crandall

Challenges and Opportunities for Practical and Effective Dynamic Information Flow Tracking

实用有效的动态信息流跟踪的挑战和机遇

• DOI: 10.1145/3483790
• 发表时间: 2023
• 期刊: ACM Computing Surveys
• 影响因子: 16.6
• 作者: Brant, Christopher;Shrestha, Prakash;Mixon-Baca, Benjamin;Chen, Kejun;Varlioglu, Said;Elsayed, Nelly;Jin, Yier;Crandall, Jedidiah;Oliveira, Daniela
• 通讯作者: Oliveira, Daniela

TSPU: Russia's decentralized censorship system

TSPU：俄罗斯的去中心化审查制度

• DOI: 10.1145/3517745.3561461
• 发表时间: 2022
• 期刊: ACM Internet Measurement Conference
• 作者: Xue, Diwen;Mixon-Baca, Benjamin;ValdikSS;Ablove, Anna;Kujath, Beau;Crandall, Jedidiah R.;Ensafi, Roya
• 通讯作者: Ensafi, Roya