Physical Layer Attacks

advertisement
Lecture: 6 Network Survivability and Robustness
Ajmal Muhammad, Robert Forchheimer
Information Coding Group
ISY Department
Outline


Introduction to Network Survivability
Protection Techniques Classification





Physical Layer Attacks
Optical Network Component Vulnerabilities


Link failure, equipment failure
Path protection, link protection
Dedicated resources, shared resources
Fibers, switches, amplifiers
Protection and Prevention of Attacks
Network Survivability
A very important aspect of modern networks



Optical fibers with extremely large capacity has becomes dominant
transport medium.
Interruption for even short period of time may have disastrous
consequences.
No service provider is willing to accept unprotected networks anymore.
Restoration = function of rerouting failed connections
Survivability = property of a network to be resilient to failure
Requires physical redundancy and restoration protocols.
Optics in the Internet
Data
Center
SONET
SONET
DWD
M
DWD
M
SONET
SONET
Access
Metro
Long Haul
Metro
Access
Protection and Restoration in Internet
A well defined set of restoration techniques already exists in
the upper electronic layers:



ATM/MPLS
IP
TCP
Restoration speeds in different layers:




BGP-4: 15 – 30 minutes
OSPF: 10 seconds to minutes
SONET: 50 milliseconds
Optical Mesh: currently hundred milliseconds to minutes
Why Optical Layer Protection?
Advantages:
 Speed
 Efficiency
Limitations
 Detection of all faults not possible (3R).
 Protects traffic in units of lightpaths.
 Race conditions when optical and client layer both try
to protect against same failure.
Protection Techniques Classification
Restoration techniques can protect the network against:


Link failures
 Fiber-cables cuts and link devices failures (amplifiers)
Equipment failures
 OXCs, OADMs, electro-optical interface
Protection can be implemented in:


Optical channel sub-layer (path protection)
Optical multiplex sub-layer (link protection)
Different protection techniques for:
 Ring networks
 Mesh networks
Protection in Ring Network
Unidirectional Path Switched Ring
1+1 Path Protection
Used in access rings for
traffic aggregation into
central office
Bidirectional Link Switched Ring
Bidirectional Link Switched Ring
1:1 Span and Link Protection 1:1 Link Protection
Used in metropolitan or longhaul rings
Used for inter-office
rings
Unidirectional Path Switched Ring (UPSR)
Signal sent on
both working and
protected path
Best quality
signal selected
Receiving Traffic
Sending Traffic
N2
N1
Outside Ring = Working
Inside Ring = Protection
N3
N4
N1 send data to N2
1+1 Protection




Traffic is sent over two parallel paths, and the
destination selects a better one.
In case of failure, the destination switch onto
the other path.
Pros: simple for implementation and fast
restoration
Cons: waste of bandwidth
Bidirectional Link Switched Ring (2-Fiber
BLSRs)
Sending/Receiving
Traffic
N2
Sending/Receiving
Traffic
N1
Both Rings = Working & Protection
N3
N4
N1 send data to N2 & N2 replies to N1
1:1 Protection




During normal operation, no traffic or low priority traffic
is sent across the backup path.
In case failure both the source and destination switch
onto the protection path.
Pros: better network utilization.
Cons: required signaling overhead, slower restoration.
Protection in Mesh Networks
Network planning and survivability design
 Disjoint path idea: service working route and its backup
route are topologically diverse
 Lightpaths of a logical topology can withstand physical
link failures
Working Path
Backup Path
Reactive / Proactive
Reactive



A search is initiated to find a
new lightpath which does not
use the failed components
after the failure happens.
It can not guarantee
successful recovery,
Longer restoration time
Proactive


Taxonomy

Backup lightpaths are
identified and resources are
reserved at the time of
establishing the primary
lightpath itself.
100 percent restoration
Faster recovery
Path Protection
Dedicated Path Protection
•
•
•
Shared Path Protection
Backup resources are used for protection of multiple
links
Assume independent failure and handle single failure
The capacity reserved for protection is greatly reduced
Link and Channel Based Protection
Link-based Protection
Channel-based Protection
Path Protection / Link Protection
Normal Operation
Path Switching: restoration is
handled by the source and
the destination.
Link Switching: restoration is
Link Switching: restoration is
handled by the nodes adjacent to
handled by the nodes adjacent
the failure.
to the failure.
Span Protection: if additional fiber
Link Protection
is available.
Outline


Introduction to Network Survivability
Protection Techniques Classification





Physical Layer Attacks
Optical Network Component Vulnerabilities


Link failure, equipment failure
Path protection, link protection
Dedicated resources, shared resources
Fibers, switches, amplifiers
Protection and Prevention of Attacks
Physical Layer Attacks
Attack: Intentional action against the ideal and secure functioning
of the network
Attacks are much more hazardous than component failures as the
damage they cause is more difficult to prevent:
Attacks Classification
Service disruption: prevents communication or degrades the quality
of service (QoS)
 All connections and components appear to be functioning well in
the optical domain, but the electrical bit error rates (BERs) of the
legitimate channels are already impaired
Tapping: compromises privacy by providing unauthorized users access to
data, which can then be used for eavesdropping or traffic analyses
Component Vulnerabilities: Fibers
Bending the fiber violates the total internal reflection and causes
light to leak outside the fiber
Photodetector can pick up such leakage and
deliver the transmitted content to the intruder
Exploiting fiber nonlinearities: cross-phase modulation and Raman
effects may cause a signal on one wavelength to amplify or
attenuate a signal on another wavelength

Co-propagate a malicious signal on a fiber and decrease QoS or tap
legitimate signals
Commercial tapping devices introduce losses less than 0.5 dB and
some even below 0.1 dB
Optical Switches
Optical switches are prone to signal leakage, giving rise to crosstalk
Malicious users can take advantage of
this to cause service degradation and/or
perform eavesdropping
Inter-channel crosstalk: occurs between signals on adjacent
channels. Can be eliminated by using narrow pass-band receivers.
Intra-channel crosstalk: occurs among signals on the same
wavelengths, or signals whose wavelengths fall within each other’s
receiver pass-band.
Crosstalk levels of optical switches range from -35 dB (SOA, liquid
crystal, electro-optical, thermo-optical) to -55 dB for MEMS.
Examples
Tapping attack exploiting intra-channel crosstalk in an optical switch
If a tapper gains access to upper output port,
part of the signal at lambda 2 is delivered
straight into his hands
Jamming attack exploiting intra-channel crosstalk in an optical
switch
Attacker injects a high-powered signal on the same
Wavelength (in-band jamming) as other legitimate
data signals.
Components of the high-power signal will leak onto
adjacent channels, impairing the quality of the
transmission on those signals
Optical Amplifiers
Erbium-doped fiber amplifiers (EDFAs) are the most commonly used
amplifier in today’s WDM networks.
An optical amplifier is characterized by its gain, gain bandwidth, gain
saturation, polarization sensitivity and amplifier noise.
The distribution of excited electrons is not uniform
at various levels within a band
The gain of an EDFA depends on the wavelength of
the incoming signal with a peak around 1532 nm
Can be compensated by employing passive or dynamic
gain equalization
Gain Competition in EDFA
The limited number of available upper-state photons necessary for signal
amplification must be divided among all incoming signals.
Each of the signals is granted photons proportional to its power level, which
can lead to gain competition.
Stronger incoming signals receive more gain, while weaker signals receive
less
Gain competition can be exploited to create service disruption
A malicious user can inject a powerful signal on a wavelength different from
those of other legitimate signals (out-of-band jamming), but still within the
pass-band of the amplifier.
The stronger malicious signal will get more gain than weaker legitimate
signals, robbing them of power.
Qos level of the legitimate signals will deteriorate, potentially leading to
service denial.
Equip amplifiers with input and output power monitoring capability
Low Power QoS Attack
Optical splitter is attached at the head of link AB to attenuate the
propagation power by a certain amount (7 dB).
Link AB OSNR degradation for LP1 & LP3 exacerbate to 18.5 dB.
Attack is able to propagate by taking advantage of the OXC equalizations.
Equalizer in node B will attenuate LP2
to ensure the flat power spectrum on link
Make the network more
BC
sensitive to the abnormal
changes
The amplifier (with gain control of 15 dB)
are placed such that each can exactly
compensate the loss introduced by the
preceding fiber spans
75 km
Performance monitoring at
the amps & OXCs should
be aware of the real-time
LP configuration and vary
the alarming thresholds
accordingly
7 dB attenuation
Performance metrics of each channel measured at
different places of the network
Protection and Prevention of Attacks
Achieving complete protection requires large investments by the network
operator.
Hardware measures- shielding the fiber, additional equipment capable of
limiting excessive power (e.g., optical limiting amplifiers, variable optical
attenuators or optical fuses). Use components with lower crosstalk levels.
Transmission schemes- applying different modulation and
techniques, limiting the bandwidth and power of certain signals.
coding
Architecture and protocol design- identifying and avoiding risky links
or assigning different routes and wavelengths to separate trusted
from untrusted users.
Optical encryption- protect communication confidentiality by making
it incomprehensible to an eavesdropper.
Download