Protecting Satellite Networks from Disassociation DoS Attacks(2010 IEEE International Conference on)

2013-10-14

102062560 卓彥呈

1/1

3

Introduction

• Satellite network model• Network Control Center (NCC)• Satellite Terminal (ST)

• Disassociation DoS attack• Rabin function• Verification process

• Analysis of proposed solution• Probability of successful attacks

2/1

3

Satellite Network Model

NCC

Network Control Center (NCC)Satellite Terminal (ST)

3/1

3

Disassociation DoS Attack

4/1

3

Disassociation DoS Attack (Cont.)

• Sequence number

• Source MAC address• Available tools. ex : Spoof-MAC, MAC Changer, Airsnarf

• Authentication process• Termination of the current normal data

communication• Consume the system resource

5/1

3

Disassociation DoS Attack (Cont.)

• Denial of Service Prevention in Satellite Network Communications(2004 IEEE international Conference)• Check MAC value and payload of packet

• Provide a lightweight security scheme to detect and prevent Disassociation DoS attacks• Encrypt / Decrypt sequence number

6/1

3

Encryption on sequence number (Rabin function)

• Plain text

• Encrypted text

• Where n = p * q, p and q are primes

• p and q are the keys shared by NCC and ST

7/1

3

Decryption on sequence number

• Calculate and

• Calculate and using extended Euclidean algorithm

• Calculate four square roots

using Chinese remainder

theorem

8/1

3

Effect of Rabin function

9/1

3

Verification process

10/1

3

Analysis

• A successful disassociation DoS attack • Two consecutive plain sequence number

• Two consecutive encrypted sequence numberRabin function

11/1

3

Conclusion

• Improve the security of the sequence number

• The larger product of two primes, the lower probability of a successful DoS attack

• Low consumption of computation resources• Check the sequence number instead of MAC or

payload

12/1

3

• Thanks!

13/1

3