Chapter 1: Introduction
Data Communication technologies and the underlying protocols in the twenty-first century is one of the critical elements that acts as the backbone for electronic commerce and use of the world-wide-web (Todd and Johnson, 2001). The increase in the growth of electronic commerce as well as other forms of internet-based secure communication have increased not only the risks associated with networking related attacks that involve in the loss of personal information and possible financial loss to the victims. One of the major components in the Internet communication is the underlying protocol that governs the compilation and communication of the information from the source computer to the target and back (Nash et al, 2001). The role of the protocols in the networking also has a key influence on its ability to securely deliver the information as part of the overall communication architecture. This makes it clear that the robustness of the protocol and the extent to which a given protocol architecture can resist intruder attacks through encryption efficiency etc dictates the security associated with the information transfer as argued by Todd and Johnson, (2001). In this report a critical overview on the transport layer and the network layer protocols of the TCP/IP protocol architecture is presented to the reader. The research aims to throw light on the possible security attacks on these protocols and the possible countermeasures in order to prevent such attacks. The attacks in these cases mainly concern with the infringement of the information through unauthorised access bypassing the security or breaking the encryption surrounding the information being transported.
1.2: Aim and Objectives
The aim of this research is to investigate the possible attacks on the Transport layer & Network layer protocols and present possible countermeasures on overcoming the threat of these attacks on the day-to-day Internet-based data communication.
The above aim of the research is accomplished through embracing the research on the following objectives
To conduct a literature review on the Transport and Network layers of the TCP/IP protocol architecture.
To conduct a critical overview on the possible types of attacks on the Transport Layer and Network Layer protocols.
To present a critical analysis on the possible countermeasures to prevent the attacks on the Transport layer protocols.
1.3: Research Methodology
A qualitative approach is used to conduct the research. Since there are five layers to the TCP/IP model of which the research aims to investigate the protocols associated with the Transport and Network layer, a qualitative approach is deemed effective as the infrastructure required to simulate tests for conducting a quantitative research is limited for conducting the research. As it is also apparent that the analysis on the five layers of the TCP/IP model is beyond the scope of the research conducted in this report, the research conducted mainly focuses on the key threats and possible types of attacks on the protocols of the TCP/IP layers discussed.
1.4: Chapter Overview
Chapter 1: Introduction
This is the current chapter that presents the aim, objectives and brief overview on the research conducted to the reader.
Chapter 2: Literature Review
This chapter presents an overview on the layers of the TCP/IP model followed by a detailed overview on the key Transport layer and Network layer protocols. The chapter also presents a brief overview on the network attacks and the possible threats associated with the Internet data transfer.
Chapter 3: Protocol Attacks
This chapter presents a critical overview on the types of attacks on the Transport Layer and Network Layer protocols. The chapter presents a critical analysis on the methods used and the potential losses that may result due to the attacks.
Chapter 4: Countermeasures
This chapter presents a critical overview on the possible countermeasures that are implemented in order to prevent the attacks discussed in chapter 3. A comparative study on the countermeasures discussed is also presented in this chapter.
Chapter 2: Literature Review
2.1: Internet Security in the twenty-first century
The increase in the need for internet security from unauthorised access and malicious attacks is not only due to the need protecting personal/sensitive information of the users but also the service providers (Ganesh and Thorsteinson, 2003). This is naturally because of the fact that the service providers can perform effectively only when the requests sent to the server are valid thus making justifiable use of the resources (Rayns et al, 2003). The use of the resources in terms of the number of connections and the allocation of memory to cater for each connection established with the web server of the service provider is deemed to attribute to the extent to which a given website establishment performs effectively. This makes it clear that the need for internet security is not only a matter of protecting personal information but also effective utilisation of the computer resources dedicated for the purpose as argued by Rayns et al (2003).
Walden (2007) further argues that the security over the internet is mainly accomplished through implementing security measures on the connection-oriented and connection-less protocol used for transferring information from one end to another. It is interesting to note that the above focuses especially on the resource utilisation and protection of computer from malicious attacks through ensuring that the communication to and from the computer are not only secure but also valid. It is necessary to ensure both the validity and security of a given connection over the internet because of the former corresponds to the availability of the service whilst the later attribute to the reliability of the available service (Walden, 2007). It is also interesting to note that the prevention of unauthorised access to information systems connected to the Internet is deemed effective as opposed to implementing access control on each individual system as argued by Todd and Johnson (2001). This makes it clear that the implementation of the security over the Internet is mainly through implementing the preventive measures against malicious attacks through strengthening the protocols used in the various layers of the TCP/IP model. As the TCP/IP model forms the basis for communication over the internet, it is apparent that the robustness of the protocols implemented in each layer of the TCP/IP stack dictates the effectiveness of the Internet security implemented (Walden, 2007). In the next section a critical overview of the TCP/IP model is presented to the reader.
2.2: TCP/IP Model
‘TCP/ IP is a set of rules that defines how two computers address each other and send data to each other’ as argued by Blank (2004) (p1). Naturally the above makes it clear that TCP/IP is merely a framework that governs the methods to be deployed in order to enable communication over the internet between two computing devices. As TCP/IP is platform independent in nature, it provides a communication framework that can be deployed across any given operating system on a computing device connected to the Internet or even a dedicated network as opposed to the World Wide Web. This further opens room for development of new protocols and communication standards/rules that can be implemented using the TCP/IP model on any one of its five layers as argued by Rayns et al (2003). Hence securing the information being transferred from one end to another over a given network or the Internet can be accomplished through implementing a combination of protocols to operate within the layers of the TCP/IP framework. The five layers of the TCP/IP model are
Data Link Layer and
From the above it is evident that TCP/IP can be implemented in a given network using any number of protocols in each layer of the TCP/IP model depending upon the level of security required and the speed in data transfer. This is because of the fact that the increase in the number of protocols naturally increases the size of the data packet being transferred as part of the communication thus having a direct impact on the speed of communication as argued by Rayns et al (2003). It must also be noted that the protocols presented in each layer of the TCP/IP model shown in Fig 1 is merely a selection and not the exhaustive list of the protocol suite.
From the model represented in Fig 1 one should also appreciate that the layers of the TCP/IP model are arranged in a logical fashion so that the protocols closer to the top at the layer 1 associate themselves with the computing applications that handle data encryption and security. The protocols to the bottom of the TCP/IP stack on layer 5 on the other hand associate themselves with the actual data transfer from one end to another through establishing connection and enabling communication between sender and receiver as argued by Blank (2004).
As the research presented in this report focuses on the Transport and Network layers of the TCP/IP model a detailed overview on the five layers is beyond the scope of this report. A brief overview on each TCP/IP layer is presented below.
Application Layer – This layer of the TCP/IP model comprises of the protocols that associate with the handling of data and the encryption of the information order to effectively transfer the information from one end to another. The application layer is also deemed as the layer of the TCP/IP model that communicates with the actual application that is handling the information prior to its transfer over the Internet. The protocols of the application layer enable the interaction between the computer and the actual web application that performs the business logic associated with the application prior to preparing the information for transfer over the Internet. This makes it clear that the application layer encryption is mainly associated with the segmentation of the data into packets and allocates the associated headers in order to enable their transfer over the Internet. This also makes it clear that the security associated with the information transfer is not implemented at the Application Layer of the TCP/IP model. This makes it clear that the application layer protocols are extensively used in case of client server applications where the data transfer between the client and the server is in the full-duplex mode (Feit, 1998).
Transport Layer – This is the actual layer that manages the connection between the two computers and the success or failure of the information being transferred as argued by Blank (2004). The purpose of the Transport layer protocol as the name suggests is to ensure the secure and successful transfer of information over the Internet between the communicating parties as argued by Ganesh and Thorsteinson (2003). The process of enabling end-to-end communication for successful data transfer is the major task that is accomplished using the Transport layer of the TCP/IP model.
It is also interesting to not that the transport layer of the TCP/IP model provides the error tracking, flow control and data fragmentation capabilities independent of the underlying network as argued by Feit (1998). The transport layer of the TCP/IP model also performs the task of assigning the header to the data fragment off the overall information being transferred from one end to another.
The transport layer of the TCP/IP model implements two forms of communication strategies. These are connection-oriented and connectionless implementation as discussed below.
Connection-Oriented Implementation – The TCP (Transmission Control Protocol) protocol of the transport layer accomplishes the connection-oriented strategy of data communication. The connection-oriented approach o data communication corresponds to the process where a connection must be available between the communicating parties in conformance with the authentication and association rules prior to actually performing data transfer. This makes it clear that the data transfer in case of a connection-oriented approach depends on the extent to which the connection being established is live between the communicating computers. This makes it clear that the data transfer in a connection-oriented implementation can be accomplished only with the ability to maintain the connection between the computers thus making the data transfer reliable as argued by Feit (1998). This is naturally because of the fact that termination of the connection of loss of connection established during the course of the communication/data transfer would trigger a request to resend the information thus providing room for transferring all the information from one end to another. The session based communication strategies in terms of enabling the communication security is one of the key features of the connection-oriented implementation as prolonged inactivity or termination of the session will naturally terminate the connection established thus protecting the information transferred over the internet. Public Key Infrastructure (PKI) which will be discussed in the next section depends on the establishment of a connection-oriented communication strategy in order to ensure that the communication between the two computers using the connection oriented approach will help protect the information being transferred by the transport layer protocol. As discussed earlier, the transfer of information from one end to another in a communication channel is accomplished through segmenting the information into equal sized segments of data called packets that are assigned a header containing the details of the packet as well as its sequence in the information being transfer. The connection-oriented implementation of the transport layer has following key features
Sequential data transfer – This is method which follows the First-in First-out (FIFO) strategy. Thus the sequence in which the data packets are received is the same in which it is being sent from the source computer. This approach is deemed secure to ensure that the information being transferred is not tampered with and loss of one of the packets will enable the sender to resend the entire information again. However, the major disadvantage is that the increase in the size of the information will result in poor performance in terms of speed of data transfer.
Higher level of error control –As the connection oriented approach ensures that the connection established is live between the sender and the receiver throughout the entire communication process, it is clear that the error control is accomplished successfully through enabling the sender to resend the packets that were not received in the initial transfer. The control in the loss of packets using the above resend strategy naturally minimizes the error associated with the data transfer.
Duplication Control – The connection-oriented strategy also has the inherent ability to eliminate duplicate data packets transferred thus allowing the connection-oriented architecture to ensure consistency in the information being transferred.
Congestion Control – The TCP protocol monitors the network traffic as part of the transport layer activities. This ensures that that the session established between the sender and the receiver can transfer the required information successfully prior to reaching the session time-out situation as argued by Feit (1998).
The client-server communication over the internet is a classical example for the implementation of a connection oriented strategy in the Transport layer of the TCP/IP model. The use of the PKI in the communication is one of the key aspects of the connection-oriented implementation that makes the TCP protocol a key element in the secure data transfer strategies of the day.
Connectionless Implementation – As the name suggests the connectionless implementation is the case where a dedicated connection is not required to complete the data transfer between the communicating computer as argued by Blank (2004). The User Datagram Protocol (UDP) is used in the case of connectionless implementation where the transfer of the data packets merely comprises the packet order and the source/target details alone. This makes it clear that the transfer of data can be achieved at a higher rate as the authentication and validation of the data transferred is not restricted to a time frame or the session that controls the communication. However, the major issue associated is the lack of security and inaccuracy of the data transferred. Alongside, the key issue with the UDP protocol and the connectionless implementation is the lack of traceability of the information thus resulting in a non-reliable communication channel as argued by Blank (2004). The UDP is thus deemed to be an insecure mode of communication over the internet due to the lack of security measures apart from authentication and identification of the communicative parties. It is further important to appreciate that implementing PKI using the connectionless approach would result the exposure of the information and the lack of effective acknowledgement of the authentication between the communicating computers thus affecting the information security providing room for network attacks that can directly affect the information being transferred through the connection.
Network Layer – Blank (2004) argues that the network layer of the TCP/IP model performs the task of delivery of the data within the network one the data packet has reached the appropriate network subnet. This makes it clear that the network layer of the TCP/IP model plays a critical role in identifying the correct network target/destination in order to enable effective communication between the communicating parties as argued by Feit (1998). In case of the World Wide Web, the Network Layer plays the vital role of identifying the destination network and enabling the routing of the packets through the network in order to effectively reach the destination without the data being tampered by unauthorised users. The protocols that are widely used in the Network layer include the Internet Protocol (IP) and the Internet Control Message Protocol (ICMP). The Routing Information Protocol (RIP) of the information TCP/IP model which is predominantly used in the Application layer plays a vital role in the network layer for enabling routing of the information across the networks in order to effectively reach the target computer in the communication channel established over the Internet. It is further critical to appreciate the fact that the routing of the packets alone is not the task of the network layer protocols but also to enable the transport layer protocol to effectively enable the communication and data transfer between the communicating computers. This makes it clear that network attacks over the internet by hackers to affect the performance of the communicating computers in order to gain unauthorised access is accomplished through manipulating the communication strategies implemented by the protocols in the Transport and Network Layers of the TCP/IP model. The access to information and the actual infringement of the information which is deemed as the consequence of the hacking or network attack is related to the infringement of the information at the application layer protocols that hold the actual information being transferred (Blank, 2004). However, the attacks themselves that facilitate the aforementioned are accomplished through manipulating the procedures associated with the Transport Layer and Network Layer protocols. The attacks typically include spoofing, overloading, flooding etc., which are discussed in detail at chapter 3 of this report.
The Data Link Layer and the Physical Layer of the TCP/IP model involve the actual hardware based communication strategies that are beyond the scope of this research. Hence these two layers of the TCP/IP model are not discussed any further. It is important to appreciate the fact that the top three layers of the TCP/IP stack interact frequently in order to enable the secure communication and allocation of computing resources on the computing devices involved in the communication (Blank, 2004).
2.3: Public Key Infrastructure – an overview
PKI implements a form of cryptography known as the asymmetric cryptography in order to enable secure communication between two computers over the Internet as argued by Todd and Johnson (2001). This process mainly involves the use of a public key and private key that are used for encrypting and decrypting the information at the client and server ends respectively (Blank, 2004). The process of encryption is beyond the scope of this research although its role in the secure communication and the extent to which a hacker can manipulate the authentication strategies for launching an attack is relevant to the research. Hence the discussion in this section mainly concerns with the handshake and the communication strategies deployed along with an overview of the players in the PKI. This will help in identifying the various attacks plausible and the level manipulation that can be implemented by the hacker over the protocols used in order to infringe the communication between the client and server computers.
It is deemed that the PKI is a reliable communication strategy to implement secure communication through the use of Trusted Third Party (TTP) authentication and approval of the overall communication process between the server and the client computers. The key components of the PKI infrastructure that enable successful and reliable communication over the internet are discussed below
Certificate Authority (CA) – The CA is the issuer and control of the public key and the digital certificate associated with the authentication and transfer of secure information over the connection established using the TCP protocol. The primary role of the CA is to generate the public and the private keys simultaneously for a given server computer or service provider (Blank, 2004). The public key as the name suggests is made available over the public domain for encryption/decryption of the information at the client-end of the connection. The private key is not shared and stored at the server which is used for encryption/decryption of the information as applicable at the server end of the connection established for communication. From the above description it is evident that the role of the CA in the PKI is pivotal for the effective implementation of the PKI for secure communication free of network attacks. This is because, if the server hosting the CA application is attacked either using cross site scripting or flood attacks, the public keys stored as well as the associated certificates for verification are compromised thus resulting in the hacker gaining control over the communication channel without the knowledge of the server or the client as argued by Blank (2004). This makes it clear that the security at the CA computer is critical to establish a reliable TTP computer for implementing connection-oriented communication using TCP protocol of the TCP/IP model.
Registering Authority (RA) – The RA as the name implies is the verifier of the digital certificate before it is issued to a requestor as argued by Todd and Johnson (2001). The role of the RA computer in the PKI implementation is to enable an independent authorisation of the digital certificates issued thus providing a secondary verification of the information prior to communicating to the server. This presence of an independent verifying program or computer as part of the communication makes the PKI a reliable communication strategy to implemented connection-oriented communication over the internet in a secure fashion. It is also deemed to the key weakness of the PKI strategy owing to the fact that the reliability of the RA as a TTP in the communication process dictates the effectiveness of the communication and the protection of the server from intruder attacks as argued by Todd and Johnson (2001). However, the reliability of the CA or RA is not the issue of debate in this research but the potential attacks that threaten the stability of the computers hosting the CA and RA programs in order to enable secure connection oriented implementation across the Internet. The key area where the attacks can be accomplished by hackers to disable the RA or the CA computer eventually compromising the information held within is the use process of handshake where the RA or the CA computer is expected to receive an acknowledgement (ACK) from the requesting computer for each message successfully communicated. It is through manipulating these handshake communications a CA or RA can be compromised as the communication channel is expected to open for a specific time period to receive the ACK as well as allocate sufficient resources to complete the data transfer. Abuse of this feature is one of the major areas where the connection-oriented communication faces threat of attacks. These are discussed in chapter 3 elaborately.
Directories – The directories are the locations on the public domain that host the public keys for enabling the encryption of the information. The keys are normally held in more than one location in order to enable easy/quick access to the information as well as a verification strategy to ensure that the key retrieved is indeed the valid one for data transfer between the client a given server computer.
Certificate Management System (CMS) – This is the application that controls or monitors the certificates issued and facilitates the verification process. The CMS forms the core of the PKI infrastructure as the CA and RA computers in the given PKI implementation are expected to host a validated CMS program to enable the connection-oriented communication between the client and the server. The key issue associated with the case described above is the fact that the CMS program itself is an independent application and hence its reliability/robustness to prevent malicious attacks alone dictates the extent to which a given CA or RA is reliable over the Internet.
The key security strategy in case of the PKI implementation is the sharing of the public key whilst retaining the private key at the server computer as argued by Burnett and Paine (2001) . This strategy allows the server computer to effectively encrypt or decrypt the information without depending upon the public key and hence leading a two pronged attack as the information encrypted using private key can be deciphered using the public key and vice versa. Although the use of the two independent keys helps overcome the security threats to the information being transferred, the transfer process itself is not governed by the PKI. This is the major weakness of the PKI infrastructure that allows room for malicious attacks that can hamper the performance by the CA, Ra or the host server computers as argued by Burnett and Paine (2001).
From the above discussion it is evident that the security established using the PKI is mainly dependant on the following key elements of the PKI infrastructure
CA and RA – The validity and reliability of these computers play a vital role in the effective implementation of the PKI. Apart from the fact that the client computer sending the information depends upon these computers security of the information in its entirety, it is also clear that the availability of these computers and their responses in terms of session time control and preventing session time-out cases are critical to enable successful communication in a connection-oriented implementation using the TCP protocol. An attack on the hosting server for the CA or the RA mainly in terms of flooding or denial of Service will result in the failure of the PKI infrastructure in terms of lack of availability. This situation is one of the major elements that must be addressed as part of the security strategies to be implemented on the transport layer protocols.
Encryption Algorithm – The encryption algorithm used for issuing the public and private keys is another element that influences the security and reliability of the PKI as argued by Burnett and Paine (2001). The effectiveness of the hashing algorithm used for the purpose is not only essential for ensuring the security of the information through encryption but also dictates the size of the information for transmission after encryption as well as the speed associated with the data transfer for a given encryption strategy. As the complexity of the encryption algorithm naturally increases the size of the data being transferred thus affecting the speed associated with the communication, it is critical to establish a balance between security and speed in order to enable effective communication over an established connection. It is also important to note that the use of encryption algorithm dictates the extent to which a hacker can hack into the information that is being transfer whilst launching a transport/network layer attack as argued by Burnett and Paine (2001). It is deemed that the hackers through launching malicious attacks at the transport layer or the network layer tend to utilise the time gap to decipher the information being transferred in order to use the data for personal benefits. This makes it clear that the code hacking at the protocol level mainly attribute to the speed with which a given payload data transferred over a connection can be decrypted prior to termination of the connection itself as argued by Burnett and Paine (2001). From the above arguments we can deduce that the encryption poses the threat of single point of failure to the PKI in terms either being weak to prevent infringement or highly strong affecting the communication speed as argued by Nash et al (2001).
Advantages or benefits of PKI
The major benefits of the PKI include the following
The TTP presence enables higher level of security through verification by independent entities in the communication process. The CA and RA in the PKI play a vital role in achieving the aforementioned.
The dedication of resources for developing stronger algorithms to generate reliable public and private keys is yet another advantage associated with the PKI implementation. This makes it clear that the transport layer protocol (TCP) of the network layer protocol (IP, ICMP) weaknesses in terms of the request for resend and other key elements of connection verification can be overcome through robust algorithms. The growth f the electronic commerce at an exponential rate is one of the key factors that attribute to the availability of resources dedicated to the development of the PKI security strategies (Nash et al, 2001).
The security infrastructure behind the storage and retrieval of the public keys is yet another area where the reliability and effectiveness of the PKI is evident. The fact that in case of reliable CA and RA, the security is indeed robust and the information being transferred is secure as well as the communication process as argued by Nash et al (2001).
Constraints, Weaknesses and threats
TTP reliability and costs – As discussed before the major issue is the TTP reliability. The involvement of the TTP not only questions the