Changes between Version 53 and Version 54 of ExDescLang


Timestamp:
Oct 19, 2010 2:52:26 PM (14 years ago)
Author:
sunshine
Comment:

--

  • ExDescLang

    v53 v54  
    216216Now I'm a user who wants to design an experiment. I need to combine two metadescriptions (ARP poisoning and MITM attack) and somehow tie them down to generator choices. To combine I'll do something like this:
    217217
    218    [[Image(dnsphishcomb.jpg)]]
    219 
    220 i.e. the fakeIP from DNS cache poisoning metadescription belongs to the server from confidential input metadescription. Notice that I did nothing to say that fakeIP should match the '''IP address''' of the server but that's obvious from the context. Since fakeIP is an IP address it must match an IP address that somehow has to be related to the server.
     218   [[Image(arpmitmcomb.jpg)]]
     219
     220i.e. the ARP experiment needs to be run twice to generate the mappings at node1 and node2 necessary for the attacker to appear on the path from node1 to node2. The cache we're poisoning is at node1 and node2. Poison links the IP address of node2 and node1 respectively with the attacker's ARP address.
    221221
    222222The system now needs to offer me several generators:
    223223
    224  * It should offer a topology generator and map the nodes (Auth, Attacker, Server) to the topology that gets generated. Cache has to reside somewhere and it can't be at the attacker or Auth, so it will need an extra node. Note there's a little vagueness here - I said nothing about the server so theoretically cache could go there but it wouldn't make sense since the DNS at the server would know what is this server's IP. So ultimately this would violate some invariant during setup when it would become obvious that the findauth step will never point to Auth since DNS info hard-coded at the Server node has all the right information.
    225  * It should offer event generator for each of the events: query, reply, access, askconfidential. Specifically for query, reply it should offer DNS traffic generators.  For access, askconfidential it should offer HTTP traffic generators.
     224 * It should offer a topology generator and map the nodes (Node1, Node2, Attacker) to the topology that gets generated. Caches have to reside at Node1 and Node2.
     225 * It should offer event generator for each of the events: reply (for ARP), and mod(for message).
    226226
    227227= TODO =
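Review bot: In the added v54 line 220, "the attacker's ARP address" should read "the attacker's MAC (hardware) address", since an ARP cache entry binds an IP address to a hardware address and "ARP address" is not a defined term. The added generator bullet at v54 line 225 also loses what the removed v53 bullet spelled out, namely which traffic generator backs each event (DNS for query and reply, HTTP for access and askconfidential); state which generator is expected for reply (ARP) and for mod, and add the missing space in "mod(for message)". The added lines also mix "node1"/"node2" (line 220) with "Node1"/"Node2" (line 224); use one spelling so the node names map unambiguously onto the topology generator's output.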