Ad Hoc Mobile n Cloud Security v2
Download
Report
Transcript Ad Hoc Mobile n Cloud Security v2
An in depth review of ad hoc mobile
network & cloud security concerns
Josh Alcorn
Larry Brachfeld
Overview of Ad Hoc Mobile and Cloud
Networks– Josh
Overview of Security Concerns– Larry
Attack Methods & Vulnerabilities- Josh
Overview of Specific Security
Proposals– Larry
Future Work - Josh
2
Self-configuring infrastructureless network of
clouds/mobile devices connected by wireless links.
The emergence of cloud-based computing, where
storage and CPU are outsourced to multiple 3rd parties
across the globe, implies large collections of highly
distributed and continuously evolving data points.
3
Ensure the infrastructure is secure and the clients’ data
and applications are protected. While the customer
must ensure that the provider has taken the proper
security measures to protect their information.
4
5
Because mobile ad hoc networks have many
more vulnerabilities than a traditional wired
network, security is much more of a challenge
in the mobile ad hoc network environment.
On a wireless network, an adversary is able to
eavesdrop on all messages within the
emission area, by operating in promiscuous
mode and using a packet sniffer
6
Furthermore, due to the limitations of the
medium, communications can easily be
perturbed; the intruder can perform this
attack by keeping the medium busy sending
its own messages, or just by jamming
communications with noise.
7
Vulnerabilities:
◦
◦
◦
◦
◦
Lack of Secure Boundaries
Compromised Nodes
Lack of Centralized Management/Standards
Restricted Power Supply*
Scalability
Attack Methods
◦
◦
◦
◦
DoS
Impersonation
Eavesdropping
Attacks Against Routing
8
CloudSEC proposes a new architecture for
composing collaborative security-related
services in clouds, such as correlated
intrusion analysis, anti-spam, anti-DDOS,
automated malware detection and
containment.
CloudSEC is modeled as a dynamic peer-topeer overlay hierarchy with three types of
top-down architectural components.
9
Based on this architecture, both data
distribution and task scheduling overlays can
be simultaneously implemented in a loosely
coupled fashion, which can efficiently retrieve
data resources from heterogeneous network
security facilities, and harness distributed
collection of computational resources to
process data-intensive tasks.
10
11
12
13
14
15
Collaborative Mobile Environment
Better Network Mapping/Utilization Tools
Jurisdiction & Provider Integrity
16
17