Cisco Knowledge Suite | Cisco Systems | Cisco Press

ATM Networks and Security

by Eva Bozoki - May 30, 2000

Contents

1. Introduction
2. ATM Connections
3. ATM Protocol Basics
4. Attacks
5. Security Measures
6. Placement of the User Plane Security Services
7. Secure Call Setup Protocol
8. Conclusion
Acknowledgement
References
About the Author
   

4. Attacks

Although the principal advantages of ATM are its capacity for speed and data volume and its flexibility, these factors represent a relatively small and transient security enhancement over traditional communications structures and come with a level of complexity that raises new security issues. A strong argument for integration of security functions within the ATM environment exists for this reason: Tremendous volumes of data can be compromised in a shorter period of time and with less risk of exposure to the attacker than in slower communications mechanisms transmitting smaller message packages.

The following two types of attacks involve the unauthorized monitoring of or tampering with an ATM communication. These attacks would require physical installation of a rogue device on the network:

  • Eavesdropping—Simply capturing and recording a cell with an ATM analyzer, similar to catching an IP packet with a packet analyzer and inspecting the message. (The ATM analyzer is a device that is capable of capturing, displaying, analyzing, and possibly editing and replaying an ATM cell.)

  • Modifying/replaying the message—Capturing and repeatedly replaying the transmitted information. A variation of this attack involves capturing, modifying (the payload), and replaying the transmitted information. There is no inherent data integrity checking in the ATM protocol. The speed of ATM data transmission makes this type of attack on the fly extremely difficult.

    When no time stamps or sequence numbers are associated with ATM cells, it is possible to replay the same message or part of a message.
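To make the "no inherent data integrity checking" point concrete, here is an added example (not from the article) that builds and parses a 53-octet ATM UNI cell and checks its header error control (HEC) field. The header layout (GFC/VPI/VCI/PT/CLP) and the HEC algorithm (CRC-8 with generator x^8 + x^2 + x + 1, XORed with 0x55) are the standard ITU-T definitions; the cell contents are constructed for the demonstration. It shows that the HEC catches a bit error in the header but says nothing about a changed payload, so it cannot serve as an integrity control.

```python
from dataclasses import dataclass

HEC_POLY = 0x07    # CRC-8 generator x^8 + x^2 + x + 1
HEC_COSET = 0x55   # fixed pattern XORed into the remainder

def atm_hec(header4: bytes) -> int:
    """HEC over the first four header octets (CRC-8, then XOR 0x55)."""
    crc = 0
    for byte in header4:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ HEC_POLY) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc ^ HEC_COSET

@dataclass
class UniCell:
    gfc: int      # 4-bit generic flow control
    vpi: int      # 8-bit virtual path identifier (UNI format)
    vci: int      # 16-bit virtual channel identifier
    pt: int       # 3-bit payload type
    clp: int      # cell loss priority bit
    payload: bytes

    def to_bytes(self) -> bytes:
        """Serialise to a 53-octet cell, computing the HEC for the header."""
        h = (self.gfc << 28) | (self.vpi << 20) | (self.vci << 4) | (self.pt << 1) | self.clp
        h4 = h.to_bytes(4, "big")
        return h4 + bytes([atm_hec(h4)]) + self.payload

def parse_uni_cell(raw: bytes):
    """Return (cell, hec_ok); hec_ok is False only if the header octets disagree with the HEC."""
    if len(raw) != 53:
        raise ValueError("an ATM cell is exactly 53 octets")
    h = int.from_bytes(raw[:4], "big")
    cell = UniCell(gfc=h >> 28, vpi=(h >> 20) & 0xFF, vci=(h >> 4) & 0xFFFF,
                   pt=(h >> 1) & 0x7, clp=h & 1, payload=raw[5:])
    return cell, atm_hec(raw[:4]) == raw[4]

def demo():
    """Constructed cell: a header bit error is caught by the HEC; a payload change is not."""
    cell = UniCell(gfc=0, vpi=1, vci=100, pt=0, clp=0, payload=bytes(range(48)))
    raw = cell.to_bytes()
    _, intact_ok = parse_uni_cell(raw)
    damaged = bytearray(raw)
    damaged[1] ^= 0x10                 # single-bit error inside the header
    _, damaged_ok = parse_uni_cell(bytes(damaged))
    tampered = bytearray(raw)
    tampered[20] ^= 0xFF               # payload octet altered, header untouched
    _, tampered_ok = parse_uni_cell(bytes(tampered))
    return intact_ok, damaged_ok, tampered_ok   # (True, False, True)
```

The idle-cell header 00 00 00 01 yields the well-known HEC value 0x52, which is a quick sanity check on the implementation.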

Redirection and denial of service can occur if switches are compromised, either by taking over one switch and then using it to launch attacks on the others, or by breaking into the control interface of one or more switches and tampering with their switching tables or other internal functions. Denial of service attacks can also be mounted by exploiting the weaknesses in signaling:

  • Redirection—If an ATM switch is compromised, the attacker can change the virtual channel designation in the cell header, actually hijacking the cell and (randomly or systematically) sending it to an unintended destination. One form of this attack would switch cells so that a particular user would always use a higher-quality connection.

    A particularly onerous aspect of this type of attack is that the attacker's presence is discernible only during transmission; no trace of evidence remains when the message session is concluded.

    A modified form of redirection attack to which ATM is particularly vulnerable involves generating unauthorized copies of transmissions to third parties, following a "hostile insertion," as described previously.

  • Masquerading—The attacker falsifies its identity (called/calling party and connection identifiers) during the setup phase (signaling) of the connection. In particular, the SETUP message provides the calling party's phone number and, optionally, its ID. In a masquerading attack, these information fields are changed by the attacker.

  • Sabotage/denial of service attacks—These attacks make no attempt to capture or otherwise manipulate data; however, they effectively disrupt ATM messages between communicating parties, and therefore block the resource from authorized users. Any of the following mechanisms can result in the disruption of ATM traffic with little or no evidence of the attacker's activity:

    • Through insertion in the custodial chain, the ATM pathway can be "dropped" between authorized custodial points. For instance, an attacker can modify a signal so that it results in a forced reset of one of the switches.

    • The switch databank can be modified or erased.

    • An incursion into a switch can disrupt or delete the path table, leaving authorized parties unaware of the attack, its source, what time it occurred, or the result of the communications effort — unless another means of receipt verification is employed. However, this would eliminate a principal advantage inherent in ATM (speed), and would impose additional administrative burden.

    • An attacker can flood a switch or switches in the path by repeatedly sending irrelevant signals to it, thus creating a heavy computational load within the switch and resulting in inflated storage requirements. In either event, performance of the switch (and, by extension, the ATM network) suffers.

    • An attacker can send a RELEASE or DROP PARTY signal to any intermediate switch, thereby disconnecting the virtual connection.

    • An attacker can send a RESTART signal to an end user that de-allocates all resources associated with the virtual circuits.

    • An attacker can delay CALL PROCEEDING or CONNECT ACKNOWLEDGE messages so that they are not received within the required time span after the SETUP signal, and thus effectively disconnect the virtual connection.


© Copyright 2000 InformIT. All rights reserved.