Talks

Talk
CS/EE Networking Seminar, COLUMBIA UNIVERSITY IN THE CITY OF NEW YORK
Michael Czeizler,
2023

Today’s software development landscape has witnessed a shift towards microservices architectures. Using this approach, large software systems are composed of multiple separate microservices, each responsible for specific tasks. The breakdown into microservices is also reflected in the infrastructure, where individual microservices can be executed with different hardware configurations and scaling properties. As systems grow larger, a single incoming request can trigger multiple calls between different microservices.

Auto-scaling is a technique widely used to adapt systems to fluctuating traffic loads by automatically increasing (scale-up) and decreasing (scale-down) the number of resources used.

Our work shows that when microservices with separate auto-scaling mechanisms work in tandem to process ingress traffic, they can overload each other. This overload results in throttling (DoS) or in the over-provisioning of resources (EDoS).

In the lecture we will demonstrate how an attacker can exploit the tandem behavior of microservices with different auto-scaling mechanisms to mount an attack we denote the Tandem Attack. We demonstrate the attack on a typical and recommended serverless architecture, using AWS Lambda for code execution and DynamoDB as the database. Part of the results will be presented as an IEEE INFOCOM’23 poster.

Talk
Anat Bremler-Barr, Michael Czeizler
Red Hat Research,
2023

It is a common belief that auto-scaling mechanisms serve as a mitigation for Distributed Denial of Service (DDoS) attacks on cloud computing infrastructures by dynamically adding machines to cope with the additional load. Intuitively, such attacks are mostly associated with Economic Denial of Sustainability (EDoS), derived from paying for the extra resources required to process the malicious incoming traffic.

Contrary to this belief, we present and analyze the Yo-Yo attack, a new attack against the auto-scaling mechanism that can cause significant performance degradation in addition to economic damage. We demonstrate the attack on Amazon EC2, Kubernetes, and serverless architecture. We then present and analyze the Tandem Attack, a new attack on microservices architectures. In this attack, the attacker exploits the tandem behavior of services with different auto-scaling mechanisms, causing both economic and performance damage.

Talk
Daniel Dubnikov
OARC 37,
2022

Several different DNSSEC configurations have been suggested in recent years in an attempt to address different security and privacy issues in the DNS system. In this presentation we briefly review and analyse the performance of these configurations using a baseline throughput measurement (based on DNSPERF). We show that while each configuration serves an important role by solving some issues (e.g., zone walking, scalability for large zones), the overall throughput of the system is degraded, and this opens the door to DDoS amplification attacks due to the much larger message size and the extra cryptographic computations.

Our goal is to design and implement (at PoC level) a high-throughput communication link between DNS resolvers and authoritative servers that provides proof of authenticity and at the same time prevents zone walking attacks. The motivation is to provide the same level of security as DNSSEC without the poor performance that comes with it during a flood of NX requests, and without opening the door to zone walking attacks.

We designed and implemented an adaptive communication protocol between recursive resolvers and authoritative servers with the above properties. We implemented a PoC that works (with Knot servers) at a throughput close to that of the standard DNS protocol without DNSSEC (20,500 rps, requests per second, compared to 23,500 rps in plain DNS). We note that if one is willing to sacrifice zone walking protection and permit zone walking attacks, then a much higher throughput solution is possible, as demonstrated by the NSEC3 aggressive caching implementation in Knot.

Talk
Yehuda Afek
GÉANT Innovation Programme 2021 - showcase,
2022

Talk
Anat Bremler-Barr
Global Platform Seminar,
2021

Manufacturer Usage Description (MUD) is a whitelisting-based access control framework allowing IoT manufacturers to publish their devices’ legitimate communications by specifying the permitted end-points and flows using domain names and port/protocol information. In this talk, we present three independent enhancements to the MUD framework.

First, while MUD services typically run on the CPE at the LAN level, we suggest applying MUD at the ISP level, thus providing a more scalable solution. We present a demo that summarizes our successful PoC with a large nation-level ISP.

Second, some end-points with which an IoT device may communicate are not associated with a domain name, making it impossible to specify them accurately in a MUD file (e.g., P2P or local end-points within the LAN). We thus extend the MUD architecture to enable accurate specification of such end-points. We then discuss our experience of implementing the solution using osMUD.

Third, while the MUD philosophy is that vendors specify the MUD files, we suggest that for IoT vendors that do not provide MUD files, the files can be automatically acquired from IoT traffic in the wild. Combining the automatic acquisition with the first enhancement, the ISP-level architecture, improves both considerably.

Integrating all three enhancements considerably strengthens and expands the effectiveness of MUD and provides a higher security level.

The work presented here is the cumulative product of several projects done in part with: Yehuda Afek, David Hay, Ran Goldschmidt, Lior Shafir, Gafnit Abraham, Avraham Shalev, Ihab Zhaika, Haim Levy, Zohar Yakhini, Bar Meyuhas and Ran Shuster.

Talk
Dor Israeli
Israeli Networking Day 2021,
2021

Talk
Daniel Bachar
Red Hat Research Days,
2021

Talk
Yehuda Afek
UCLA, Samueli,
2020

We will discuss different attacks on the DNS system and their mitigation, including a new devastating attack that could easily paralyze parts of the Internet.

Talk
David Hay
University of Vienna,
2019

Computer networks have undergone and continue to experience a major transformation, whereby billions of low-cost devices are being connected to the network to provide additional functionality and a better user experience. Unlike traditional network devices, these devices, collectively known as the “Internet of Things” (IoT), typically have very limited computational, memory, and power resources. These IoT devices have become a major security concern, both due to human factors and to technical challenges in deploying security mechanisms on devices with low resources. The number and diversity of IoT devices create a huge attack surface that is often exploited by attackers to launch large-scale attacks, sometimes exploiting well-known vulnerabilities.

This talk will highlight the security concerns of IoT devices from a networking perspective and explore how to secure IoT devices using whitelists, in which communication between a device and an endpoint is prohibited unless that endpoint appears in the corresponding whitelist.

Talk
Yehuda Afek
Berkeley, Security Research Lab,
2019

Computer networks have undergone and continue to experience a major transformation, whereby billions of low-cost devices are being connected to the network to provide additional functionality and a better user experience. Unlike traditional network devices, these devices, collectively known as the “Internet of Things” (IoT), typically have very limited computational, memory, and power resources. These IoT devices have become a major security concern, both due to human factors and to technical challenges in deploying security mechanisms on devices with low resources. The number and diversity of IoT devices create a huge attack surface that is often exploited by attackers to launch large-scale attacks, sometimes exploiting well-known vulnerabilities. This talk will highlight the security concerns of IoT devices from a networking perspective and explore how to secure IoT devices using whitelists, in which communication between a device and an endpoint is prohibited unless that endpoint appears in the corresponding whitelist. Finally, we will discuss deployment options for such a solution (namely, within the Internet gateway, as a virtual network function within the ISP network, or a combination of the two).

Talk
Anat Bremler-Barr
Tel-Aviv University: CS Colloquium,
2019

Computer networks have undergone and continue to experience a major transformation, whereby billions of low-cost devices, the Internet of Things (IoT), are being connected to the network. Unlike traditional network devices, these devices typically have very limited computational, memory, and power resources, and attackers often exploit them to launch large-scale attacks.

This talk will highlight the security concerns of IoT devices from a networking perspective and explore how to secure IoT devices using whitelists, in which communication between a device and an endpoint is prohibited unless that endpoint appears in the device whitelist.

We present a new scalable ISP-level architecture to secure and protect IoT devices. We address several challenges in the system design: the whitelist enforcement architecture, ML techniques to identify IoT devices, and the automatic acquisition of whitelists in the wild.

Talk
Anat Bremler-Barr
Sigcomm Symposium on European Research in Computer Networking,
2018

Talk
Yotam Harchol
Stanford University NetSeminar,
2018

Talk
Anat Bremler-Barr
Keynote Speech at SYSTOR,
2015