Explore a 24-minute conference talk from USENIX Security '18 that introduces NetHide, a novel framework for secure network topology obfuscation. Dive into the challenges of balancing network security against link-flooding attacks with the practical needs of network debugging tools. Learn how NetHide formulates topology obfuscation as a multi-objective optimization problem, allowing for flexible trade-offs between security and usability. Discover how this approach can protect large network topologies while preserving essential debugging capabilities. Examine the implementation of NetHide using programmable network devices to modify path tracing probes in real-time. Gain insights into the effectiveness of this method in obfuscating topologies of up to 150 nodes while maintaining the ability to trace back 90% of link failures accurately.
NetHide - Secure and Practical Network Topology Obfuscation
Overview
Syllabus
Intro
Link flooding attacks (LFA) target the infrastructure
Learning large topologies by combining many path measurements
Reactive and proactive strategies to mitigate link-flooding attacks
Topology obfuscation as an optimization problem
A topology is robust against LFAS if the flow density of each link does not exceed is capacity
Two basic strategies for attacking the virtual topology despite obfuscation
Accuracy and utility measure the closeness of P and V
NetHide optimizes over a random sample of solutions to improve performance and security
Maintaining the utility of debugging tools requires sending packets through the actual network
Programmable network devices allow modifying tracing packets at line rate
Encoding state in packets instead of storing it in devices
High protection with small impact on accuracy and utility
NetHide: Secure and Practical Network Topology Obfuscation
Taught by
USENIX
