Next-generation networks introduced higher flexibility and dynamicity in networking systems, but at the same time, they led to new threats and challenges. The traditional approach of manually configuring Network Security Functions (NSFs) such as firewalls and VPN gateways is no longer feasible, since it is not adequate for the ever-changing nature of modern networks and it is prone to human error. To overcome this problem, the native flexibility provided by virtualization could be exploited to automate network security management. However, achieving a high level of automation while providing formal assurance that security management operations (e.g., configuration and orchestration) fulfill some security properties is still a complex research challenge. This presentation describes some novel approaches that combine automation, formal verification, and optimization for network security management.
This is a joint seminar with FM-SEC. Attendance via Zoom (ID: 933 8257 2879, Passcode: 546836). Livestream via YouTube.
Side-channel attacks were never considered as part of the threat model when network protocols were designed. Even today, the impact of network side channels is vastly underestimated. Exploiting network side channels has been considered challenging, if not infeasible, due to their remote nature. In this talk, I will demonstrate a series of surprisingly powerful attacks where a blind off-path attacker can use side channels to hijack arbitrary remote TCP connections, as well as launch DNS cache poisoning attacks against popular DNS services. I will also give insights on how to systematically discover such problems.