Upload
securemind
View
1.461
Download
0
Tags:
Embed Size (px)
DESCRIPTION
This was a presentation I did on PLONS "Physical Layer Optical Network Security" for the Central New York ISSA Chapter which was derived from my Masters Thesis
Citation preview
Joshua S. White
Academic & Technical Advisor:Dr. John Marsh
Presented To: Information Systems Security Association
Central New York Chapter
Presentation Derived From:SUNYIT M.S. Telecommunications Thesis
The Missing Pieces: Physical Layer Optical Network Security
> Outline
What is PLONS? Reasoning What's Known Understanding The Void The Big Picture PDR Closings
Physical Layer Optical Network SecurityPhysical Layer Optical Network Security
> Why Bother?
Fiber to the X 90 million+ Miles Of Fiber In 10 Years 1 Sec. Compromise is Upwards of 40 Gb Loss Networks Not Build With Security In Mind Most Traffic Eventually Travels a Fiber Link Less Research on PDR More on Attacks Recent Events
Mediterranean, Persian Gulf U.S.S. Jimmy Carter
> What's Known: PLON Attacks
Tapping Bend Rayleigh Scatter Crosstalk Legitimate
Gain Competition Single Point Multi-Point Due to Bend
Jamming EDFA Multi-Point Crosstalk
Correlative Out of Band In Band
> Categorization
> Understanding The Void
> T
he B
ig P
ictu
re
> PDR Protection
Buried, Armored Cable, Bend Resistant Network Finger Print, Documentation Limiting Margins, Automatic Gain Control Rx Overload Protection
Detection Comparison to Network Finger Print
ASE Tilt Measurement, OTDR Traces, SNR, Eye Diagrams, Overall and Channel Power Levels
Reaction Based On Policies, Procedures, Guidelines
> Closing What's Needed:
More Awareness Dispel The Myths
QoS is Not Security More Research
What's Now Provided: Taxonomy For PLONS A Better Understanding of Specific Attacks The Beginnings of a Standardized PDR Schema
> CitationsCitations[1] Harry Dutton, Understanding Optical Communications, IBM
RedBooks, SGA24-5230-00, Sep. 1998
[2] Luca Faustini and Giuseppe Martini. Bend loss in single-mode fibers. IEEE - Journal of Lightwave Technology,
15(4): 671–679, April 1997.
[3] Alun J. Harris and Peter F. Castle. Bend loss measurements on high numerical aperture single-mode fibers as a
function of wavelength and bend radius. IEEE - Journal of Lightwave Technology, 4(1):34–40,
January 1986.
[4] Muriel Medard, Douglas Marquis, Richard A. Barry, and Steven G. Finn: Security Issues in All-Optical Networks,
IEEE Network Magazine 11(3), 42–8, May/June 1997.
[5] Alun J. Harris, Peter F. Castle, and Paul A. Shrubshall: Wavelength Demultiplexing Using Bends in a
Single- Mode Optical Fiber, IEEE - Journal of Lightwave Technology 6(1):80-86, January 1988.
[6] T. H. Shake, B. Hazzard, and D. Marquis: Assessing Network Infrastucture Vulnerabilities to Physical Layer
Attacks Distributed Systems Group, Advanced Networks Group, Lincoln Laboratory MIT, Sponsored By the DARPA
under contract F19628-95-C-002
[7] Muriel Medard, Douglas Marquis, and Stephen R. Chinn: Attack Detection Methods for All-Optical Networks,
Network and Distributed System Security Symposium, sponsored by the Internet Society Session 3(Paper 1), 1–15, 1998
[8] M.Y. Loke, and James N. McMullin: Simulation and Measurement of Radiation Loss at Multimode Fiber Macrobends, IEEE - Journal of Lightwave
Technology 8(8), 1250–56, August 1990
[9] R. Morgan, J.D.C. Jones, P.G. Harper, and J.S. Barton: Observation of secondary bend loss oscillations
arising from propagation of cladding modes in buffered monomode optical fibres , Optics Communications 85(1),17–20, August 1991
[10] Technical Staff of CSELT: Fiber Optic Communications Handbook, TAB Profession and
Reference Books, 1990
[11] Robert S. Elliott, “Electromagnetics – History, Theory, and Applications”, IEEE Press Series on
Electromagnetic Waves, IEEE Press, 1993
[12] Muriel Medard, Douglas Marquis, and Stephen R. Chinn: Attack Detection Methods for All-Optical Networks,
Network and Distributed System Security Symposium, sponsored by the Internet Society Session 3(Paper 1), 1–15, 1998
[13] Cancellieri, G. single-Mode Optical Fibers, Pergamon Press, Toronto, 1991
[14] Keiser, G., Optical Fiber Communications 2nd Edition, McGraw Hill, Inc., Toronto, 1991
[15] Walter, H., Method and Device For Extracting Signals Out of a Glass Fiber, US Patent No.: 6,265,710 B1, July 2001
[16] Stoneburner, G., Goguen, A., Feringa, A., Risk Management Guide for Information Technology Systems, Special Publication 800-30
[17] Bruce Potter, Trends in wireless security – the big picture, Network Security Volume 2003, Issue 12,
December 2003, Pages 4-5.
[18] Opterna, State of Optical Network Security, Black Hat Federal Briefing Presentation, October 2003
[19] ISO/IEC 15408:1999(E): Information Technology – Security Techniques – Evaluation Criteria for IT Security,
International Organization for Standardization, Geneva, Switzerland.
[20] Schneier, Bruce. “Attack Trees.” 21-29. Dr. Dobb’s Journal of software Tools 24, 12 (December 1999): 21-29
[21] Schneier, Bruce. Secrets and Lies: Digital Security in a Networked World. New York, NY: John Wiley &
Sons, 2000.
> CitationsCitations