Discover, Analyze, and Validate Attacks with Introspective Side Channels.
dc.contributor.author | Qian, Zhiyun | en_US |
dc.date.accessioned | 2012-10-12T15:25:39Z | |
dc.date.available | NO_RESTRICTION | en_US |
dc.date.available | 2012-10-12T15:25:39Z | |
dc.date.issued | 2012 | en_US |
dc.date.submitted | 2012 | en_US |
dc.identifier.uri | https://hdl.handle.net/2027.42/94037 | |
dc.description.abstract | Traditionally, the focus of the security property "confidentiality" is on users' data (or application-layer information) such as passwords and credit card numbers. However, as network systems grow in complexity, more sensitive and internal state information is being maintained both within and external to the system, and is therefore also subject to being leaked or inferred. One such example is that more features are being pushed to the middleboxes in the network, which causes additional state to be kept. The leakage of such internal state can ultimately cause security breaches at the application layer. In the thesis, a systematic identification of unintentionally revealed internal network state and its impact is presented. A new class of side channels, defined as introspective side channels, that can leak such internal state is summarized. Such side channels, in disguise, leak only seemingly trivial information. The security analysis of the above problem consists of four steps: 1) Measurement (behavior characterization of a target system). 2) Identification of sensitive network and system state. 3) Identification of relevant introspective side channels. 4) Security analysis by connecting the sensitive network state and the relevant introspective side channels. Through these steps, techniques built on side channels are described which can enable a wide range of security applications to discover, analyze and validate both new and existing attacks. For instance, a sensitive TCP-related state kept on certain firewall middleboxes is discovered to facilitate TCP injection and hijacking attacks. More surprisingly, even without the middleboxes, similar attacks are still possible due to newly identified introspective side channels on the hosts. | en_US |
dc.language.iso | en_US | en_US |
dc.subject | Introspective Side Channel | en_US |
dc.subject | TCP Sequence Number Inference | en_US |
dc.subject | Firewall Middleboxes | en_US |
dc.subject | Cellular Networks | en_US |
dc.title | Discover, Analyze, and Validate Attacks with Introspective Side Channels. | en_US |
dc.type | Thesis | en_US |
dc.description.thesisdegreename | PhD | en_US |
dc.description.thesisdegreediscipline | Computer Science and Engineering | en_US |
dc.description.thesisdegreegrantor | University of Michigan, Horace H. Rackham School of Graduate Studies | en_US |
dc.contributor.committeemember | Mao, Zhuoqing | en_US |
dc.contributor.committeemember | Dick, Robert | en_US |
dc.contributor.committeemember | Halderman, J. Alex | en_US |
dc.contributor.committeemember | Prakash, Atul | en_US |
dc.contributor.committeemember | Xie, Yinglian | en_US |
dc.subject.hlbsecondlevel | Computer Science | en_US |
dc.subject.hlbtoplevel | Engineering | en_US |
dc.description.bitstreamurl | http://deepblue.lib.umich.edu/bitstream/2027.42/94037/1/zhiyunq_1.pdf | |
dc.owningcollname | Dissertations and Theses (Ph.D. and Master's) |