diff --git a/doc/presentation_review3/img/1F600.pdf b/doc/presentation_review3/img/1F600.pdf
new file mode 100644
index 0000000..53b0b6b
Binary files /dev/null and b/doc/presentation_review3/img/1F600.pdf differ
diff --git a/doc/presentation_review3/img/1F607.pdf b/doc/presentation_review3/img/1F607.pdf
new file mode 100644
index 0000000..c2d2efd
Binary files /dev/null and b/doc/presentation_review3/img/1F607.pdf differ
diff --git a/doc/presentation_review3/img/1F608.pdf b/doc/presentation_review3/img/1F608.pdf
new file mode 100644
index 0000000..856b44e
Binary files /dev/null and b/doc/presentation_review3/img/1F608.pdf differ
diff --git a/doc/presentation_review3/img/1F60E.pdf b/doc/presentation_review3/img/1F60E.pdf
new file mode 100644
index 0000000..d6daa5b
Binary files /dev/null and b/doc/presentation_review3/img/1F60E.pdf differ
diff --git a/doc/presentation_review3/img/1F615.pdf b/doc/presentation_review3/img/1F615.pdf
new file mode 100644
index 0000000..7e98f9d
Binary files /dev/null and b/doc/presentation_review3/img/1F615.pdf differ
diff --git a/doc/presentation_review3/img/1F635.pdf b/doc/presentation_review3/img/1F635.pdf
new file mode 100644
index 0000000..6bf28fa
Binary files /dev/null and b/doc/presentation_review3/img/1F635.pdf differ
diff --git a/doc/presentation_review3/img/AufwandsschaetzungNeu.pdf b/doc/presentation_review3/img/AufwandsschaetzungNeu.pdf
new file mode 100644
index 0000000..e4d1aef
Binary files /dev/null and b/doc/presentation_review3/img/AufwandsschaetzungNeu.pdf differ
diff --git a/doc/presentation_review3/img/Hintergrund.pdf b/doc/presentation_review3/img/Hintergrund.pdf
new file mode 100644
index 0000000..e7893e4
Binary files /dev/null and b/doc/presentation_review3/img/Hintergrund.pdf differ
diff --git a/doc/presentation_review3/img/Netzwerkplan-Real.png b/doc/presentation_review3/img/Netzwerkplan-Real.png
new file mode 100644
index 0000000..f7c1dee
Binary files /dev/null and b/doc/presentation_review3/img/Netzwerkplan-Real.png differ
diff --git a/doc/presentation_review3/img/SYN-FIN.png b/doc/presentation_review3/img/SYN-FIN.png
new file mode 100644
index 0000000..459c0c6
Binary files /dev/null and b/doc/presentation_review3/img/SYN-FIN.png differ
diff --git a/doc/presentation_review3/img/SYN-Flood.png b/doc/presentation_review3/img/SYN-Flood.png
new file mode 100644
index 0000000..a8aed79
Binary files /dev/null and b/doc/presentation_review3/img/SYN-Flood.png differ
diff --git a/doc/presentation_review3/img/Treatment_ohne_Container_mit_Schatten.pdf b/doc/presentation_review3/img/Treatment_ohne_Container_mit_Schatten.pdf
new file mode 100644
index 0000000..92cf152
Binary files /dev/null and b/doc/presentation_review3/img/Treatment_ohne_Container_mit_Schatten.pdf differ
diff --git a/doc/presentation_review3/img/aegis_logo_with_name.pdf b/doc/presentation_review3/img/aegis_logo_with_name.pdf
new file mode 100644
index 0000000..0b98f7a
Binary files /dev/null and b/doc/presentation_review3/img/aegis_logo_with_name.pdf differ
diff --git a/doc/presentation_review3/img/analyzerDiagram.png b/doc/presentation_review3/img/analyzerDiagram.png
new file mode 100644
index 0000000..e52be5d
Binary files /dev/null and b/doc/presentation_review3/img/analyzerDiagram.png differ
diff --git a/doc/presentation_review3/img/attackerVShping.pdf b/doc/presentation_review3/img/attackerVShping.pdf
new file mode 100644
index 0000000..e8de8be
Binary files /dev/null and b/doc/presentation_review3/img/attackerVShping.pdf differ
diff --git a/doc/presentation_review3/img/attackerVShping.svg b/doc/presentation_review3/img/attackerVShping.svg
new file mode 100644
index 0000000..3fe44fb
--- /dev/null
+++ b/doc/presentation_review3/img/attackerVShping.svg
@@ -0,0 +1,37 @@ + + + + + + + + + + + + + + + + + + + + image/svg+xml + + + + + + + + + + + + 400 Mbit/s + 7.7 Gbit/s + hping3 + attacker + + \ No newline at end of file diff --git a/doc/presentation_review3/img/polling.png b/doc/presentation_review3/img/polling.png new file mode 100644 index 0000000..9b37d40 Binary files /dev/null and b/doc/presentation_review3/img/polling.png differ diff --git a/doc/presentation_review3/img/security_layers_vp_online.png b/doc/presentation_review3/img/security_layers_vp_online.png new file mode 100644 index 0000000..4216bb7 Binary files /dev/null and b/doc/presentation_review3/img/security_layers_vp_online.png differ diff --git a/doc/presentation_review3/img/sym_rss_solution.svg b/doc/presentation_review3/img/sym_rss_solution.svg new file mode 100644 index 0000000..7a62ce0 --- /dev/null +++ b/doc/presentation_review3/img/sym_rss_solution.svg @@ -0,0 +1,1241 @@ + + + + + + image/svg+xml + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Middle-Box + + + + + + + + + Middle-Box + + + + + + + + + + + + + + + + T0 + + + + + + + + + + + + T0 + + + + + + + + + + + + + + + T1 + + + + + + + + + + + + T1 + + + + + + + + + + + Port 0 + + + + + + + + + Port 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + T1 + +0 + + + + + + + + + + + T1 + + + T10 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Port 1 + + + + + + + + + Port 1 + + + + + + + + + + + + + + + + + + + + + diff --git a/doc/presentation_review3/presentation3.pdf b/doc/presentation_review3/presentation3.pdf new file mode 100644 index 0000000..b815e45 Binary files /dev/null and b/doc/presentation_review3/presentation3.pdf differ diff --git a/doc/presentation_review3/presentation3.tex b/doc/presentation_review3/presentation3.tex new file mode 100644 index 0000000..b3aaa7a --- /dev/null +++ b/doc/presentation_review3/presentation3.tex 
@@ -0,0 +1,290 @@
+\documentclass{beamer}
+\usepackage[T1]{fontenc}
+\usepackage[utf8]{inputenc}
+\usepackage[german]{babel}
+\usepackage{pdfpages}
+\usepackage{amssymb}
+\usepackage{enumerate}
+\usepackage{array}
+\usepackage{lmodern}
+\usepackage{url}
+\usepackage{hyperref}
+\usepackage[all]{xy}
+\usepackage[export]{adjustbox}
+\usepackage{subcaption}
+\usepackage{listings}
+\usepackage{tikz}
+\usetikzlibrary{arrows,positioning,fit,shapes,calc}
+
+\usepackage{graphicx}
+\graphicspath{{./img/}}
+
+\usepackage{enumitem}
+\newlist{todolist}{itemize}{2}
+\setlist[todolist]{label=$\square$}
+\usepackage{pifont}
+\newcommand{\cmark}{\ding{51}}%
+\newcommand{\xmark}{\ding{55}}%
+\newcommand{\done}{\rlap{$\square$}{\raisebox{1pt}{\large\hspace{1pt}\cmark}}%
+\hspace{-1pt}}
+\newcommand{\wontfix}{\rlap{$\square$}{\raisebox{1.5pt}{\large\hspace{.5pt}\xmark}}
+\hspace{-2.5pt}}
+
+%Farbschema
+\definecolor{tuerkis}{rgb}{0.0, 0.65, 0.76}
+\definecolor{weiss}{rgb}{1.0,1.0,1.0}
+\definecolor{gruen}{rgb}{0.22, 0.74, 0.07}
+
+\usetheme{metropolis}
+\setbeamercolor{progress bar}{fg=gruen,bg=gruen}
+\setbeamercolor{frametitle}{fg=black, bg = gruen}
+\setbeamercolor{background canvas}{bg = weiss}
+\setbeamercolor{footline}{fg=gray}
+\setbeamerfont{page number in head/foot}{size=\scriptsize}
+\setbeamercolor{title}{fg = black}
+\setbeamertemplate{frame footer}{ \insertlogo{\includegraphics[width=0.1\textwidth]{aegis_logo_with_name.pdf}}\hfill\insertsection}
+
+\lstset{frame=single}
+
+\title{SWP 21 - Gruppe 01: Abwehr von Denial-of-Service-Angriffen durch effiziente User-Space Paketverarbeitung}
+\subtitle{Abschlussveranstaltung}
+\institute{Technische Universität Ilmenau}
+\date{21. Juli 2021}
+
+\begin{document}
+
+\begin{frame}
+ \maketitle
+\end{frame}
+
+\begin{frame}{Das Problem DDoS\footnotemark}
+ \center
+ \begin{itemize}
+ \pause
+ \item \alert{Einfach} und \alert{beliebt}
+ \pause
+ \item Fast \alert{unaufhaltsam}
+ \pause
+ \item Abwehr komplex und \alert{ressourcenintensiv}
+ \pause
+ \item Angriffsvolumen \alert{verdoppelt} mindestens jährlich \footnotemark
+ \pause
+ \item Schäden bei $\sim$323.400 Euro je Stunde \footnotemark
+ \end{itemize}
+
+ \only<5->{\footnotetext[1]{ns-cdn.neustar.biz}}
+ \only<6->{\footnotetext[2]{https://it-service.network}}
+ \footnotetext[3]{DDoS = Distributed Denial of Service}
+\end{frame}
+
+{
+%\setbeamercolor{background canvas}{bg=black}
+\usebackgroundtemplate{\includegraphics[width=\paperwidth,height=\paperheight]{Hintergrund.pdf}}
+\begin{frame}[plain]
+ \begin{center}
+ \color{green}{Abwehr von Denial-of-Service-Angriffen
+
+ durch effiziente User-Space Paketverarbeitung}
+
+ \vspace{\baselineskip}\pause
+ \includegraphics[width=.8\linewidth]{aegis_logo_with_name.pdf}
+ \end{center}
+\end{frame}
+}
+
+\begin{frame}{Wie funktioniert AEGIS?}
+ \only<1>{
+ \begin{center}
+ \includegraphics[width=\linewidth]{Netzwerkplan-Real.png}
+ \end{center}
+ }
+ \only<2>{
+ \begin{center}
+ \begin{tikzpicture}[node distance=1cm, on grid,
+ every actor role/.style = {},
+ actor role/.style = {rectangle, draw=black!80, ultra thick, minimum size = 6mm, every actor role},
+ composite actor role/.style = {fill=blue!20, actor role},
+ elementary actor role/.style = {fill=white!100, actor role}]
+ % external left
+ \node at (0,0) [cloud, draw =blue, text=black, fill = gray!10, aspect=1.5, cloud puffs = 18, cloud puff arc = 90, font=\small] (external) {Internet};
+ % internal right
+ \node at (8,0) [composite actor role] (internal) [minimum height=24mm, text width=17mm, align=center] {internes Netzwerk};
+ %connection
+ \draw[xshift=1cm,draw=black] (external) -- (internal);
+ \end{tikzpicture}
+ \end{center}
+ }
+ \only<3>{
+ \begin{center}
+ \begin{tikzpicture}[node distance=1cm, on grid,
+ every transaction/.style = {fill=white!100},
+ transaction/.style = {diamond, draw, every transaction, font=\small},
+ every actor role/.style = {},
+ actor role/.style = {rectangle, draw=black!80, ultra thick, minimum size = 6mm, every actor role},
+ composite actor role/.style = {fill=blue!20, actor role},
+ elementary actor role/.style = {fill=white!100, actor role},
+ initiator/.style = {-},
+ executor/.style = {<-, >=},
+ system/.style = {rectangle, fill=white!100, ultra thick, draw=black!80,
+ minimum height=23mm, minimum width=3.8cm} ]
+
+ \node [system] (system) at (0,3){};
+ \node [above, text width=2cm, align=center] at (system.north) {AEGIS};
+ \node [transaction] (nic1) at($(system.south west)!.50!(system.north west)$) {NIC\_1};
+ \node [transaction] (nic2) at($(system.south east)!.50!(system.north east)$) {NIC\_2};
+
+ % external left
+ \path (nic1)++(-2.5,0) node [cloud, draw =blue, text=black, fill = gray!10, aspect=1.5, cloud puffs = 18, cloud puff arc = 90, font=\small] (external) {Internet} edge [executor] (nic1);
+ % internal right
+ \path (nic2)++(2.5,0) node [composite actor role] (internal) [minimum height=24mm, text width=17mm, align=center] {internes Netzwerk} edge [executor] (nic2);
+
+ \end{tikzpicture}
+ \end{center}
+ }
+ \only<4>{
+ \begin{center}
+ \begin{tikzpicture}[node distance=1cm, on grid,
+ every transaction/.style = {fill=white!100},
+ transaction/.style = {diamond, draw, every transaction, font=\small},
+ every actor role/.style = {},
+ actor role/.style = {rectangle, draw=black!80, ultra thick, minimum size = 6mm, every actor role},
+ composite actor role/.style = {fill=blue!20, actor role},
+ elementary actor role/.style = {fill=white!100, actor role},
+ initiator/.style = {-},
+ executor/.style = {<-, >=},
+ system/.style = {rectangle, fill=white!100, ultra thick, draw=black!80,
+ minimum height=60mm, minimum width=3.8cm} ]
+
+ \node [system] (system) at (0,3){};
+ \node [above, text width=2cm, align=center] at (system.north) {AEGIS};
+ \node [transaction] (nic1) at($(system.south west)!.80!(system.north west)$) {NIC\_1};
+ \node [transaction] (nic2) at($(system.south east)!.180!(system.north east)$) {NIC\_2};
+
+ \draw[xshift=1cm,draw=black] (nic1) -- ($(nic1)+(1.5,0)$) -- ($(nic2)-(2.4,0)$) --(nic2);
+ \draw[xshift=1cm,draw=black] (nic1) -- ($(nic1)+(1.7,0)$) -- ($(nic2)-(2.2,0)$) --(nic2);
+ \draw[xshift=1cm,draw=black] (nic1) -- ($(nic1)+(2.2,0)$) -- ($(nic2)-(1.7,0)$) --(nic2);
+ \draw[xshift=1cm,draw=black] (nic1) -- ($(nic1)+(2.4,0)$) -- ($(nic2)-(1.5,0)$) --(nic2);
+
+ \node [composite actor role] (PacketDissection) at ($(system.south)!.60!(system.north)$) {PacketDissection};
+ \node [composite actor role] (Inspection) at ($(system.south)!.45!(system.north)$) {Inspection} edge [executor] (PacketDissection);
+ \node [composite actor role] (Treatment) at ($(system.south)!.30!(system.north)$) {Treatment} edge [executor] (Inspection);
+ \node [composite actor role] (Statistic) at ($(system.south)!.10!(system.north)$) {Statistic} edge [executor] (Treatment);
+
+ \draw[xshift=1cm,draw=black] (nic1) -- ($(system.south)!.80!(system.north)$) -- (PacketDissection);
+ \draw[xshift=1cm,draw=black] (Treatment) -- ($(system.south)!.18!(system.north)$) -- (nic2);
+
+ % external left
+ \path (nic1)++(-2.5,0) node [cloud, draw=blue, text=black, fill = gray!10, aspect=1.5, cloud puffs = 18, cloud puff arc = 90, font=\small] (external) {Internet} edge [executor] (nic1);
+ % internal right
+ \path (nic2)++(2.5,0) node [composite actor role] (internal) [minimum height=24mm,text width=17mm, align=center] {internes Netzwerk} edge [executor] (nic2);
+ \end{tikzpicture}
+ \end{center}
+ }
+\end{frame}
+
+\begin{frame}{Was kann AEGIS?}
+
+ \center
+ \begin{todolist}
+ \only<1>{\item Abwehr von SYN Flood Attacken}
+ \only<2->{\item[\done] Abwehr von SYN Flood Attacken}
+ \only<1-2>{\item Abwehr von SYN-FIN/SYN-FIN-ACK Attacken}
+ \only<3->{\item[\done] Abwehr von SYN-FIN/SYN-FIN-ACK Attacken}
+ \only<1-3>{\item Datenrate $\geq$ 5 Gbit/s \footnote{Gigabit per second}; Paketrate $\geq$ 7 Mpps \footnote{Million packages per second}}
+ \only<4->{\item[\done] Datenrate $\geq$ 5 Gbit/s \footnote{Gigabit per second}; Paketrate $\geq$ 7 Mpps \footnote{Million packages per second}}
+ \only<1-4>{\item Konfiguration durch Nutzer}
+ \only<5->{\item[\done] Konfiguration durch Nutzer}
+ \only<1-5>{\item Skalieren}
+ \only<6->{\item[\done] Skalieren}
+ \end{todolist}
+\end{frame}
+
+\begin{frame}{Was kostet AEGIS?}
+ \begin{todolist}
+ \item Leistungsfähiger Rechner mit Multicore CPU \pause
+ \item DPDK-fähige Netzwerkkarte \pause
+ \item Stromkosten von $\sim$1000€ p.a. \pause
+ \item Delay für Verbindungen aus dem internen Netz: 0\% \pause
+ \item Delay für Verbindungen aus dem externen Netz: $<30$\%
+ \end{todolist}
+\end{frame}
+
+\begin{frame}{Der Testaufbau}
+ \begin{center}
+ \begin{tikzpicture}[node distance=1cm, on grid,
+ every transaction/.style = {fill=white!100},
+ transaction/.style = {diamond, draw, every transaction, font=\small},
+ every actor role/.style = {},
+ actor role/.style = {rectangle, draw=black!80, ultra thick, minimum size = 6mm, every actor role},
+ composite actor role/.style = {fill=blue!20, actor role},
+ elementary actor role/.style = {fill=white!100, actor role},
+ initiator/.style = {-},
+ executor/.style = {<-, >=},
+ system/.style = {rectangle, fill=blue!20, ultra thick, draw=black!80,
+ minimum height=10mm, minimum width=20mm} ]
+ \node [system] (system) at (0,3){Dave};
+ \node [above, text width=2cm, align=center] at (system.north) {AEGIS};
+ \node [transaction] (nic1) at($(system.south west)!.50!(system.north west)$) {};
+ \node [transaction] (nic2) at($(system.south east)!.50!(system.north east)$) {};
+ \path (nic1)++(-2.5,+2) node [composite actor role] (mallory)[minimum height=4mm] {Mallory} edge [executor] (nic1);
+ \path (nic1)++(-2.5,-2) node [composite actor role] (alice)[minimum height=4mm] {Alice} edge [executor] (nic1);
+ \path (nic2)++( 2.5,0) node [composite actor role] (bob)[minimum height=4mm] {Bob} edge [executor] (nic2);
+
+ \path[xshift=1cm] (alice) -- node [midway,above,align=center, text width=20mm,rotate=40]{Legitime Verbindung} (nic1);
+ \path[xshift=1cm] (mallory) -- node [midway,above,align=center, text width=20mm,rotate=-40]{DoS Attack} (nic1);
+
+ \node [left, text width=.3cm, align=center] at (mallory.west) {\includegraphics[width=10px]{1F608.pdf}};
+ \node [left, text width=.3cm, align=center] at (alice.west) {\includegraphics[width=10px]{1F607.pdf}};
+
+ \end{tikzpicture}
+ \end{center}
+\end{frame}
+
+\begin{frame}{Herausforderungen}
+ \center
+ \begin{todolist}
+ \item Isolation vom Internet durch Network-Namespaces \pause
+ \item Nachbau der DPDK-Library für Unit-Tests \pause
+ \item Begrenzte Hardwareressourcen des Testbeds \pause
+ \item Codeeffizienz als maßgebliches Erfolgskriterium \pause
+ \item Notwendigkeit der Entwicklung eigener Angriffstools
+ \end{todolist}
+\end{frame}
+
+\begin{frame}{Der Angreifer}
+ \includegraphics[width=\linewidth]{attackerVShping.pdf}
+\end{frame}
+
+\begin{frame}[plain]
+ \center
+ Live aus dem Labor
+\end{frame}
+
+\begin{frame}{Bewertung des Softwareprojekts}
+ Aus Umfragen ergab sich:
+ \begin{itemize} \pause
+ \item \includegraphics[width=8px]{1F600.pdf} Praxiserfahrung \pause
+ \item \includegraphics[width=8px]{1F600.pdf} Teamarbeit \pause
+ \item \includegraphics[width=8px]{1F600.pdf} Team Programming \pause
+ \item \includegraphics[width=8px]{1F635.pdf} Bewältigung komplexer Aufgabenstellungen \pause
+ \item \includegraphics[width=8px]{1F600.pdf} Erfahrungen mit Git, \LaTeX, Linux und DPDK \pause
+ \item \includegraphics[width=8px]{1F60E.pdf} Ambitionen zur Projektfortführung
+ \end{itemize}
+\end{frame}
+
+\begin{frame}{Projekt Zeitrahmen}
+ \includegraphics[width=\linewidth]{AufwandsschaetzungNeu.pdf}
+\end{frame}
+
+\begin{frame}{Zukunftsvisionen}
+ \begin{todolist} \pause
+ \item Repository auf Github \pause
+ \item Erweiterung der Abwehrmechanismen \pause
+ \item Statistik für Nutzer \pause
+ \item Effizienzsteigerung
+ \end{todolist}
+\end{frame}
+
+\section{Raum für Fragen}
+
+\end{document}
\ No newline at end of file
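Review bot: In the frame "Das Problem DDoS" the footnote numbers look shifted against their texts: the `\footnotemark` in the frame title is the first mark of the frame, yet `\footnotetext[1]` carries the neustar source and the DDoS expansion sits in `\footnotetext[3]`, so (assuming the marks are numbered in source order) the "verdoppelt" claim points at it-service.network and the 323.400 Euro figure points at the abbreviation. The `\only<5->`/`\only<6->` overlays suggest the intended pairing was title → expansion, attack volume → neustar, damage → it-service.network. I would renumber to `\footnotetext[1]{DDoS = Distributed Denial of Service}`, `\only<5->{\footnotetext[2]{ns-cdn.neustar.biz}}` and `\only<6->{\footnotetext[3]{https://it-service.network}}`. Both sources are bare hostnames; a full `\url{...}` to the specific report plus an access date would let the audience verify the two figures.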