Evaluación y mitigación de ataques reales a redes ip utilizando tecnologías de virtualización de libre distribución
Article Sidebar
Published:
2012-12-30
Keywords:
ataques de seguridad, tecnologías de virtualización.
Main Article Content
Abstract
Los ataques a redes IP pueden colapsar la continuidad de los servicios de las empresas afectando su imagen y causando graves pérdidas económicas. La presente investigación se centra en la evaluación de diversos ataques reales de redes IP utilizando plataformas de virtualización con el fin de establecer mecanismos de seguridad para mitigarlos. Para llevarlo a cabo, se diseñaron e implementaron varias topologías de experimentación usando entornos virtuales de red, dentro de las cuales se probaron el escaneo de puertos, fuerza bruta, suplantación de identidad y denegación de servicios, tanto en una red de área local como en una extendida. Para cada topología, se utilizó diferente software libre tanto para producir el ataque como para obtener el flujo de tráfico, evaluándose las consecuencias del ataque. Para contrarrestar dichos ataques, se desarrolló un demonio en Shell script que es capaz de detectar, controlar y mitigar los ataques mencionados de manera programable y constante. Los resultados muestran la funcionalidad de esta investigación que reduce las amenazas y vulnerabilidades de las redes en producción.
Article Details
Section
Scientific Paper
The Universidad Politécnica Salesiana of Ecuador preserves the copyrights of the published works and will favor the reuse of the works. The works are published in the electronic edition of the journal under a Creative Commons Attribution/Noncommercial-No Derivative Works 4.0 Ecuador license: they can be copied, used, disseminated, transmitted and publicly displayed.
The undersigned author partially transfers the copyrights of this work to the Universidad Politécnica Salesiana of Ecuador for printed editions.
It is also stated that they have respected the ethical principles of research and are free from any conflict of interest. The author(s) certify that this work has not been published, nor is it under consideration for publication in any other journal or editorial work.
The author (s) are responsible for their content and have contributed to the conception, design and completion of the work, analysis and interpretation of data, and to have participated in the writing of the text and its revisions, as well as in the approval of the version which is finally referred to as an attachment.
References
M. Krause and H. Tipton, Handbook of information security management, 5th ed. Auerbach Publications, 1998.
S. Garfinkel and G. Spafford, Web security, privacy & commerce, 2nd ed. O’Reilly Media, Incorporated, 2001.
W. Fuertes, J. de Vergara, and F. Meneses, “Educational platform using virtualization technologies: Teaching-learning applications and research uses cases,” in Proc. II ACE Seminar: Knowledge Construction in Online Collaborative Communities, Albuquerque, NM - USA, October, 2009.
K. Scarfone, S. M, and P. Hoffman, Guide to Security for Full Virtualization Technologies. DIANE Publishing, 2010, Recommendations of the National Institute of Standards and Technology, Gaithersburg, MD.
J. Keller and R. Naues, “A collaborative virtual computer security lab,” in Second IEEE International Conference on e-Science and Grid Com puting e-Science’06. California, EEUU: IEEE, 2006, p. 126.
P. Li and T. Mohammed, “Integration of virtualization technology into network security laboratory,” in 38th Annual Procedings Frontiers in Education Conference, FIE. Saratoga, New York: IEEE, October, 2008, pp. S2A–7.
F. Abbasi and R. Harris, “Experiences with a generation iii virtual honeynet,” in Telecommunication Networks and Applications Conference (ATNAC). Canberra, Australia: IEEE, May, 2009, pp. 1–6.
F. Galán and D. Fernández, “Use of VNUML in virtual honeynets deployment,” in IX Reunión Española sobre Criptología y Seguridad de la Información (RECSI), Barcelona, Spain, September, 2006.
E. Damiani, F. Frati, and D. Rebeccani, “The open source virtual lab: a case study,” in Procedings of the Workshop on Free and Open Source Learning Environments and Tools, FOSLET, Italy, 2006, pp. 5–12.
Co-innovation lab Tokyo. Disaster recovery solution using virtualization technology. White paper. [Online]. Available: http://www.cisco.com/en/US/prod/collateral/ ps4159/ps6409/ps5990/N037_COIL_en.pdf
P. Ferrie, “Attacks on more virtual machine emulators,” Symantec Technology Exchange, 2008.
F. Galán, D. Fernández, W. Fuertes, M. Gómez, and J. López de Vergara, “Scenario-based virtual network infrastructure management in research and educational testbeds with VNUML,” Annals of Telecommunications, vol. 64, no. 5, pp. 305–323, 2009.
W. Fuertes and J. López de Vergara M, “An emulation of VoD services using virtual network environments,” in Procedings of the GI/ITG Workshop on Overlay and Network Virtualization NVWS’09, vol. 17, Kassel-Germany, March, 2009.
VMware home page. [Online]. Available: http: //www.vmware.com
VirtualBox home page. [Online]. Available: http://www.virtualbox.org
C. Lee, C. Roedel, and E. Silenok, “Detection and characterization of port scan attacks,” Univeristy of California, Department of Computer Science and Engineering, 2003. [Online]. Available: http: //cseweb.ucsd.edu/users/clbailey/PortScans.pdf
Hacking. VII Ataques por fuerza bruta. [Online]. Available: http://jbercero.com/index.php? option=com_content&view=article&id=71: hacking-vii-ataques-por-fuerza-bruta&catid=40: hacking-tecnicas-y-contramedidas&Itemid=66
Laboratorios. Hacking, técnicas y contramedidas, ataques por fuerza bruta (BruteForce) III. [Online]. Available: http://labs. dragonjar.org/laboratorios-hacking-tecnicasfuerza-bruta-brute-force-iii
Jhon the Ripper 1.7.6. [Online]. Available: www.openwall.com/jhon/
F. Callegati, W. Cerroni, and M. Ramilli, “Manin-the-Middle attack to the HTTPS protocol,” Security & Privacy, vol. 7, no. 1, pp. 78–81, 2009.
Nemesis. Última comprobación. [Online]. Available: http://nemesis.sourceforge.net/
S/a. [Online]. Available: http://www. estrellateyarde.org/so/logs-en-linux
S/n. [Online]. Available: http://usemoslinux. blogspot.com/2010/11/cron-crontab-explicados. html
J. Li, N. Li, X. Wang, and T. Yu, “Denial of service attacks and defenses in decentralized trust management,” International Journal of Information Security, vol. 8, no. 2, pp. 89–101, 2009.
J. Matthews, W. Hu, M. Hapuarachchi, T. Deshane, D. Dimatos, G. Hamilton, M. McCabe, and J. Owens, “Quantifying the performance isolation properties of virtualization systems,” in Proceedings of the 2007 Workshop on Experimental Computer Science. San Diego, CA: ACM, June, 2007, p. 6.
S. Garfinkel and G. Spafford, Web security, privacy & commerce, 2nd ed. O’Reilly Media, Incorporated, 2001.
W. Fuertes, J. de Vergara, and F. Meneses, “Educational platform using virtualization technologies: Teaching-learning applications and research uses cases,” in Proc. II ACE Seminar: Knowledge Construction in Online Collaborative Communities, Albuquerque, NM - USA, October, 2009.
K. Scarfone, S. M, and P. Hoffman, Guide to Security for Full Virtualization Technologies. DIANE Publishing, 2010, Recommendations of the National Institute of Standards and Technology, Gaithersburg, MD.
J. Keller and R. Naues, “A collaborative virtual computer security lab,” in Second IEEE International Conference on e-Science and Grid Com puting e-Science’06. California, EEUU: IEEE, 2006, p. 126.
P. Li and T. Mohammed, “Integration of virtualization technology into network security laboratory,” in 38th Annual Procedings Frontiers in Education Conference, FIE. Saratoga, New York: IEEE, October, 2008, pp. S2A–7.
F. Abbasi and R. Harris, “Experiences with a generation iii virtual honeynet,” in Telecommunication Networks and Applications Conference (ATNAC). Canberra, Australia: IEEE, May, 2009, pp. 1–6.
F. Galán and D. Fernández, “Use of VNUML in virtual honeynets deployment,” in IX Reunión Española sobre Criptología y Seguridad de la Información (RECSI), Barcelona, Spain, September, 2006.
E. Damiani, F. Frati, and D. Rebeccani, “The open source virtual lab: a case study,” in Procedings of the Workshop on Free and Open Source Learning Environments and Tools, FOSLET, Italy, 2006, pp. 5–12.
Co-innovation lab Tokyo. Disaster recovery solution using virtualization technology. White paper. [Online]. Available: http://www.cisco.com/en/US/prod/collateral/ ps4159/ps6409/ps5990/N037_COIL_en.pdf
P. Ferrie, “Attacks on more virtual machine emulators,” Symantec Technology Exchange, 2008.
F. Galán, D. Fernández, W. Fuertes, M. Gómez, and J. López de Vergara, “Scenario-based virtual network infrastructure management in research and educational testbeds with VNUML,” Annals of Telecommunications, vol. 64, no. 5, pp. 305–323, 2009.
W. Fuertes and J. López de Vergara M, “An emulation of VoD services using virtual network environments,” in Procedings of the GI/ITG Workshop on Overlay and Network Virtualization NVWS’09, vol. 17, Kassel-Germany, March, 2009.
VMware home page. [Online]. Available: http: //www.vmware.com
VirtualBox home page. [Online]. Available: http://www.virtualbox.org
C. Lee, C. Roedel, and E. Silenok, “Detection and characterization of port scan attacks,” Univeristy of California, Department of Computer Science and Engineering, 2003. [Online]. Available: http: //cseweb.ucsd.edu/users/clbailey/PortScans.pdf
Hacking. VII Ataques por fuerza bruta. [Online]. Available: http://jbercero.com/index.php? option=com_content&view=article&id=71: hacking-vii-ataques-por-fuerza-bruta&catid=40: hacking-tecnicas-y-contramedidas&Itemid=66
Laboratorios. Hacking, técnicas y contramedidas, ataques por fuerza bruta (BruteForce) III. [Online]. Available: http://labs. dragonjar.org/laboratorios-hacking-tecnicasfuerza-bruta-brute-force-iii
Jhon the Ripper 1.7.6. [Online]. Available: www.openwall.com/jhon/
F. Callegati, W. Cerroni, and M. Ramilli, “Manin-the-Middle attack to the HTTPS protocol,” Security & Privacy, vol. 7, no. 1, pp. 78–81, 2009.
Nemesis. Última comprobación. [Online]. Available: http://nemesis.sourceforge.net/
S/a. [Online]. Available: http://www. estrellateyarde.org/so/logs-en-linux
S/n. [Online]. Available: http://usemoslinux. blogspot.com/2010/11/cron-crontab-explicados. html
J. Li, N. Li, X. Wang, and T. Yu, “Denial of service attacks and defenses in decentralized trust management,” International Journal of Information Security, vol. 8, no. 2, pp. 89–101, 2009.
J. Matthews, W. Hu, M. Hapuarachchi, T. Deshane, D. Dimatos, G. Hamilton, M. McCabe, and J. Owens, “Quantifying the performance isolation properties of virtualization systems,” in Proceedings of the 2007 Workshop on Experimental Computer Science. San Diego, CA: ACM, June, 2007, p. 6.