Improving the Security, Privacy, and Anonymity of a Client-Server Network through the Application of a Moving Target Defense

Christopher Frank Morrell

Dissertation submitted to the faculty of the Virginia Polytechnic Institute and State University in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Computer Engineering

Joseph G. Tront, Chair
Randolph C. Marchany
Scott F. Midkiff
Thomas C. Clancy
Danfeng Yao

March 17, 2016
Blacksburg, Virginia

Keywords: IPv6, Security, Privacy, Moving Target Defense, Client Server Network

Copyright 2016, Christopher F. Morrell

ABSTRACT

The amount of data that is shared on the Internet is growing at an alarming rate. Current estimates state that approximately 2.5 exabytes of data were generated every day in 2012. This rate is only growing as people continue to increase their on-line presence. As the amount of data grows, so too does the number of people who are attempting to gain access to the data. Attackers try many methods to gain access to information, including a number of attacks that occur at the network layer.

A network-based moving target defense is a technique that obfuscates the location of a machine on the Internet by arbitrarily changing its IP address periodically. MT6D is one of these techniques; it leverages the size of the IPv6 address space to make it statistically impossible for an attacker to find a specific target machine. MT6D was designed with a number of limitations, including manually generated static configurations and support for only peer-to-peer networks. This work presents extensions to MT6D that provide dynamically generated configurations, a secure and dynamic means of exchanging configurations, and, with these new features, an ability to function as a server supporting a large number of clients.
This work makes three primary contributions to the field of network-based moving target defense systems. First, it provides a means to exchange arbitrary information in a way that provides network anonymity, authentication, and security. Second, it demonstrates a technique that gives MT6D the capability to exchange configuration information by only sharing public keys. Finally, it introduces a session establishment protocol that clients can use to establish concurrent connections with an MT6D server.

GENERAL AUDIENCE ABSTRACT

Ensuring the security of computers on the Internet continues to grow in importance as more of our lives exist on-line. Traditionally, security experts add layers of defense to a computer or network in order to prevent malicious users from gaining access to the data held within that computer or network. No defense mechanism is perfect, and malicious users will continue to attempt to bypass any defenses until they are successful.

Computers on the Internet maintain an address at which other computers can send messages. Since the advent of the Internet, these addresses have been 32 bits long, which provides approximately 4 billion addresses. As more and more computers have been added to the Internet, the number of available addresses has decreased, resulting in a recent push to move from the 32-bit addressing scheme to a 128-bit addressing scheme, referred to as Internet Protocol version 6 (IPv6). Utilizing 128 bits to represent an address results in more addresses available than there have been nanoseconds since the Big Bang.

Previous research has demonstrated a technique that involves changing the addresses of two computers every few seconds, while continuing to maintain active conversations between the computers.
Imagine being able to change your mailing address several times a day while still maintaining the ability to send and receive mail. This method, called Moving Target IPv6 Defense (MT6D), relies on the massive number of addresses available in IPv6 to make it practically impossible for an adversary to locate a specific computer that they wish to attack.

The work presented in this dissertation provides an extension to MT6D in order to support client/server networks. Each time a user requests a webpage or watches a video, a conversation is created between the user's client computer and some other computer acting as a server. In a client/server network, there are generally a large number of clients that are all supported by a single server or small group of servers. In the described scenario, the user's computer is referred to as the client, while the machine providing the webpage or video is referred to as the server. MT6D was originally designed to support conversations that only occurred between two users' computers, not between a large number of clients and a server.

Additionally, MT6D originally required a great deal of pre-coordination and configuration to be conducted by users before they could establish a connection between their computers. This pre-coordination and configuration is a factor that greatly limits the number of users that can communicate concurrently, due to the logistics required to distribute and apply configuration data. In support of extending MT6D, this research also presents a scheme that uses a form of anonymous escrow through which a server can securely share configuration information with any clients that may wish to establish a connection. By using this escrow service, client computers are able to establish a secure MT6D connection to a server with minimal pre-coordination and no manual configuration.

This work provides an increased level of privacy, security, and anonymity for computers that connect via the client/server model.
These benefits come with a slight impact to a computer's performance on the network, although the negative impacts would not be noticeable to users except in extreme circumstances. The techniques presented here are intended to augment rather than replace the current security methods applied to a computer.

Dedication

The work presented here is dedicated to my family. Without the continued support of my wife, Leslie, and my children, I would not have been successful in this venture. Thank you for your understanding when the nights in front of the computer went longer than expected and when I was pre-occupied with work. I am especially grateful to my wife for enduring this experience, many others that have preceded it, and many others that will follow.

Acknowledgments

While this dissertation focuses on the work that I completed, it would not have been possible without the contributions and help from many people around me.

A great deal of respect and thanks goes to my advisor, Dr. Joseph Tront. Dr. Tront has been the advisor that every graduate student wishes to have. He was able to find the perfect balance of pushing me in the right direction and remaining hands-off. His approach allowed me the flexibility to explore research directions that may not have been directly applicable, but still contributed to the completion of my research.

I also thank Professor Randy Marchany for everything he contributed to my continued academic growth. Randy provided a sounding board for ideas as I progressed through my research. He was always quick to lend advice and keep me moving forward and never hesitated to provide direction when I went off track. He has the ability to provide levity when necessary, always ensuring that everyone working in the lab maintains perspective and a good sense of humor as they pursue their research. In particular, I appreciate the office space that I was able to occupy for my duration at Virginia Tech.
Having a place to go to each day certainly helped to improve my efficiency.

To the rest of my committee, Dr. Scott Midkiff, Dr. Charles Clancy, and Dr. Danfeng Yao, thank you for your guidance and support throughout this process. I believe I picked the five busiest people at Virginia Tech for my committee, so I appreciate the time that each of you sacrificed for me.

To Dr. Scot Ransbottom and Dr. Dave Raymond, thank you both for your support throughout my academic and Army careers. In particular, I appreciate the impact that Dr. Ransbottom has had on me both as an academic and an Army officer since we first met when I was a cadet at West Point. It was his advice in the fall of 1999 that started me down the path that has ultimately led to my current position.

To Dr. Matt Dunlop, without the effort that you put in to the development of MT6D, my ideas would have gone nowhere. Your hard work provided the foundation upon which I was able to build, culminating in the research that is presented in this document.

To my fellow IT Security Lab graduate students, Stephen Groat, Reese Moore, Phil Kobezak, Matt Sherburne, Dileep Basam, Kimberly Zeitz, Mike Cantrell, and Mark DeYoung, thank you for all of your help getting to where I am today. It was through our friendships and many hours of conversations that this work came to fruition. In particular, I appreciate the specific research contributions of Reese Moore and Mike Cantrell. Reese helped to develop the DHT Blind Rendezvous idea, without which this work could not have happened. Mike provided a great deal of assistance through the implementation of both the MT6D server and the server demonstration website. The hours of assistance contributed by both of them contributed greatly to my ability to complete this research.

To the undergrads of the IT Security Lab, Andrew Heatwole, Franki Yeung, Peter Cho, and Alex Hsu, thank you for your contribution to this research.
The effort provided by each of you helped to round out my research, but allowed me to remain focused on the central topics. I learned a great deal from each of you and hope that you are able to take some knowledge away that you learned through our interactions.

Finally, to the United States Army and the Department of Electrical Engineering and Computer Science at the United States Military Academy, thank you for providing me with the opportunity to pursue a doctorate degree.