
Eric Han Matthias (2-3pm) 4/29/11 HW4

1. DNSSEC

a) The attacker N can spoof response packets to the user R that say "No domain found" whenever R tries to request something from S. This essentially denies service to R because it cannot request anything from S.

b1) The dynamic signature process takes a lot of resources. If N sends randomly generated queries for names that do not exist to S, the flood of incoming queries is amplified and DoS occurs.

b2) This depends on how the server signs messages. If the literal "Q does not exist" is signed, then N cannot forge packets anymore. However, suppose R is requesting a Q that does exist and S signs Q instead of the literal "Q does not exist"; then N can request Q, grab the signature off the legitimate response, attach the signature to a "Q does not exist" message and send it to R. This causes the DoS described in part a.

c) Since NSEC3 returns the two hashed names before and after the request, it will return 10, 20 and 30 in that order, which are the hashes for b, c, and a respectively. The user can then check that abc = 15 does not exist in this, since it should be between 10 and 20.

d) This is possible. The attacker can first hash all the names on his list of names of interest. Although the attacker cannot directly compare the names on his list with the names on the server, since NSEC3 responds with hashed names if a name doesn't exist, the attacker possesses the FULL list of hashes that reside on the server. Since he knows the hashes of his own names-of-interest list, he can just compare the hashes on his list to the hashes on the server. If a hash equals one that's on the server, then that name exists; otherwise the name does not.

e) The salt is for easier prevention of any precalculated dictionary attacks such as the one listed in part d. If the server sees that the attacker is using this method and is calculating the hashes of a names-of-interest list, the server can just change the salt and all the calculation the attacker has done up to this point will be for nothing.
f) The iteration parameter makes hashing names more costly, so the attacker has to spend more resources if he has to recalculate hashes.

g) The upper limit of the iteration parameter is to protect against the DoS attacks described in part b1. If calculating a hash takes more resources as the iteration parameter increases, there needs to be an upper bound on it so that the server does not do extra work.

2. Covert Channels

a) The caching system allows recently accessed files to have faster access times than files that are not cached. We can use this to create a covert channel. Suppose two processes on this machine are trying to communicate, and process A is the sender and B the receiver. They can agree on a set of files and synchronize their timings. A accesses the file designated as the first bit; B then accesses that file later. Since A accessed the file, it will be in the cache and the access time for B will be dramatically decreased. The first bit in the communication is then 1. Suppose A did not access the first-bit file; then B's access time will be long, thus the first bit is 0. They can then do this for every bit in their stream by agreeing on a set of files.

b) The capacity of this covert channel depends on the size of the cache. Suppose the cache can store x files at once; then A and B can send about x bits every time they communicate.

c) Without the read-only system, the processes should still be able to communicate. The scheme would start with process B accessing one of its own files to put it in the cache. Process A would then either fill up the cache or leave the file B just accessed in the cache. Process B can then read the one file it accessed before and look at the access time. If it's long, that means process A filled up the cache, which we can assign as a 1 bit. If the access time is short, then A did not fill up the cache and we can assign this as a 0 bit. This is much slower than the scheme in part a, since each time they communicate they can only send 1 bit.

3. Detecting Worms

a) The worm signature can be split into two packets, and the alarm system would not pick that up since it only looks for the signature in single packets.

b) The monitor box can analyze packets in a stream and combine multiple packets. So suppose packet 1 has the first part of the 4-bit string and packet 2 has the second part; then the box will combine these two packets into a stream and analyze the packets to raise the alarm. There might still be false negatives because some packets may be dropped in transit but still passed on to the client, thus bypassing the monitor box.

c) 4B is 32 bits, so the total number of combinations is 2^32. (100MB/4B)/(2^32) = .006 chance of error per second. Expected time per error is 163 seconds, which is 1/.006.

d) 8B is 64 bits. (100MB/8B)/(2^64) = 7.3E-11 chance of error per second. 1/7.3E-11 = 1.4E10 seconds.

e) The worm author can employ polymorphic code as presented in class, where each time the worm spreads it encrypts itself with a different key and then adds a decrypter at the end.

4.
DoS

a) No, the closest path to L from the attacker only saturates 80MBs while the victim has a 100MB line to L, so DoS is not possible.

b) 200000 TCP connections is 64000000 bits/s; the attacker has a route to overwhelm the victim's server with path AEL.

c) The attacker can send SYN+ACK packets through routers I and L. Although these packets will be dropped at the server because they're not expected, the server can only process 200000 packets a second. So even for dropped packets, it can only process that many, resulting in a DoS.

d) Put an image that is hosted by another site on your site, so that whenever a visitor visits your site they're requesting the image from the other server.

5. Sandboxing

a) Although these code inserts would prevent malicious attackers from executing code if they were to follow the flow of the program, they do not prevent them from directly calling store. Suppose the attacker can find the address of the store r1,r2 line of code in memory; then he can just bypass all the software checks by jumping to that address. So whatever happens to be in r1 at that time (anything of the attacker's choosing) will be the address where the data will be stored.

b) The problem with the implementation specified in the problem is that it gives the attacker access to the registers directly before store/jmp commands. There should be a register that is only accessible to the OS, not the program, so that register is used in store and jmp. If r3 is the register not modifiable by the attacker, then when store r1,r2 is called, r1's content would be moved to r3 first before going through the inline checks to sandbox the address, and then store is called on r3,r2. After that, r3 is set to null so that if the attacker uses the scheme above, they will be writing to a nonexistent address.
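Added example for question 1 (parts c, e and f), not part of the homework: a simplified NSEC3-style signer and resolver-side verifier in Python. The zone names, salt and iteration count are constructed values, and the hash is a plain SHA-1 over the lowercase name rather than the RFC 5155 wire format, so this shows the "is the query hash strictly between the two returned hashes" check and how the salt and iteration parameters enter it.

```python
import hashlib

# Constructed toy zone and parameters; the salt, iteration count and names
# are assumptions for this example, not values from the homework.
ZONE_NAMES = ["a.example", "b.example", "c.example"]
SALT = b"\x12\x34"
ITERATIONS = 10

def nsec3_hash(name: str, salt: bytes, iterations: int) -> str:
    """Simplified RFC 5155 hash: SHA-1(name || salt), then re-hashed
    `iterations` more times with the salt appended each round, so the
    cost per name grows with the iteration parameter (part f)."""
    digest = hashlib.sha1(name.lower().encode() + salt).digest()
    for _ in range(iterations):
        digest = hashlib.sha1(digest + salt).digest()
    return digest.hex()

def build_chain(names, salt, iterations):
    """Signer side: sorted (owner_hash, next_hash) records; the last record
    wraps around to the first, so every point of the hash space is covered."""
    hashes = sorted(nsec3_hash(n, salt, iterations) for n in names)
    return [(h, hashes[(i + 1) % len(hashes)]) for i, h in enumerate(hashes)]

def record_covers(owner: str, nxt: str, qhash: str) -> bool:
    """Verifier check from part c: qhash must lie strictly between the two
    hashes of one record (15 between 10 and 20). Handles the wrap record."""
    if owner < nxt:
        return owner < qhash < nxt
    return qhash > owner or qhash < nxt  # wrap-around interval

def covering_record(chain, qhash):
    """The record a server returns for a nonexistent qhash, or None when
    qhash is itself an owner hash (the name exists)."""
    for owner, nxt in chain:
        if owner == qhash:
            return None
        if record_covers(owner, nxt, qhash):
            return (owner, nxt)
    return None

def proves_nonexistence(chain, name, salt, iterations) -> bool:
    """Resolver side: re-hash the queried name with the zone's current salt
    and iterations (a changed salt, part e, invalidates precomputed hashes)
    and accept only a record that strictly covers the result."""
    q = nsec3_hash(name, salt, iterations)
    return covering_record(chain, q) is not None
```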
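Added example for question 3 (parts a and b), not part of the homework: the per-packet monitor beside a stream-reassembling one, run over a constructed packet sequence in which an assumed 4-byte signature straddles a packet boundary. The stream version keeps only the last len(signature)-1 bytes of the previous packet as carry-over, which is enough to catch any split without buffering the whole connection.

```python
# Constructed 4-byte worm signature and packet stream (assumed values; the
# homework gives neither). The signature straddles the 2nd and 3rd packets.
SIGNATURE = b"\xde\xad\xbe\xef"
PACKETS = [
    b"GET /index.html ",
    b"HTTP/1.0\r\nX-Pad: \xde\xad",
    b"\xbe\xef more payload",
    b"trailer",
]

def per_packet_alarm(packets, signature) -> bool:
    """The original monitor: each packet is inspected in isolation, so a
    signature split across a boundary is missed (part 3a)."""
    return any(signature in p for p in packets)

def stream_alarm(packets, signature) -> bool:
    """Part 3b monitor: scan the reassembled stream. The carry-over of the
    last len(signature)-1 bytes means every window that could contain the
    signature is seen exactly once, whatever the packet boundaries."""
    overlap = max(len(signature) - 1, 0)
    carry = b""
    for p in packets:
        window = carry + p
        if signature in window:
            return True
        carry = window[-overlap:] if overlap else b""
    return False

def alarms(packets, signature):
    """Return (per-packet verdict, stream verdict) for the same packets."""
    return per_packet_alarm(packets, signature), stream_alarm(packets, signature)
```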
