Changes between Version 2 and Version 3 of MitmExample


Ignore:
Timestamp:
Nov 4, 2010 5:32:49 PM (14 years ago)
Author:
sunshine
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • MitmExample

    v2 v3  
    5858
    5959
    60  * '''Invariants:'''
    61 
    62    Nothing in addition to the topology and timeline above.
     60 * '''Invariants:''' Nothing in addition to the topology and timeline above.
    6361
    6462=== MITM attack metadescription ===
    6563
    66 Dimensions:
    6764 * '''Logical topology:'''
    68    [[Image(mitmobj.jpg)]]
    6965
    70    (in English: There is one attacker node, and two regular nodes who want to communicate. These are all different nodes.)
     66    '''Objects:'''
     67
     68      Attacker, Node1, Node2 extends Node
     69
     70    '''Cardinality:'''
     71
     72      |Attacker|,,1,,
     73 
     74      |Node1|,,1,,
     75
     76      |Node2|,,1,,
     77
     78    '''Relationships:'''
    7179
    7280
    7381 * '''Timeline of events: '''
    7482
    75   [[Image(mitmwf.jpg, 70%)]]
     83  '''Definitions:''
    7684
    77    (in English: Attacker replaces each msg between nodes with some modification.)
     85    Attacker a, Node1 n1, Node2 n2
    7886
    79  * '''Invariants:'''
     87      e1 := {type = MSG, origin = n1, destination = a, content = x}
    8088
    81    Nothing in addition to the topology and timeline above.
     89      e2 := {type = MSG, origin = a, destination = n2, content = modify(x)}
     90
     91      e3 := {type = MSG, origin = n2, destination = a, content = y}
     92
     93      e4 := {type = MSG, origin = a, destination = n1, content = modify(y)}
     94
     95  '''Timeline:'''
     96
     97      e1 -> e2 and e3 -> e4
     98
     99 * '''Invariants:'''    Nothing in addition to the topology and timeline above.
    82100
    83101=== Experiment design ===
     
    85103Now I'm a user who wants to design an experiment. I need to combine two metadescriptions (ARP poisoning and MITM attack) and somehow tie them down to generator choices. To combine I'll do something like this:
    86104
    87    [[Image(arpmitmcomb.jpg)]]
     105  ARPPoisoning arp1, ARPPoisoning arp2, MITMAttack mitm
    88106
    89 i.e. the ARP experiment needs to be run twice to generate the mappings at node1 and node2 necessary for the attacker to appear on the path from node1 to node2. The cache we're poisoning is at node1 and node2. Poison links the IP address of node2 and node1 respectively with the attacker's ARP address.
     107    arp1.FakePA = mac(mitm.Attacker)
    90108
    91 The system now needs to offer me several generators:
     109    arp1.IP = ip(mitm.Node2)
    92110
    93  * It should offer a topology generator and map the nodes (Node1, Node2, Attacker) to the topology that gets generated. Caches have to reside at Node1 and Node2.
    94  * It should offer event generator for each of the events: reply (for ARP), and mod(for message).
     111    collocated(arp1.Cache, mitm.Node1) 
     112
     113    arp2.fakePA = mac(mitm.Attacker)
     114
     115    arp2.IP = ip(mitm.Node1)
     116
     117    collocated(arp2.Cache, mitm.Node2) 
     118
     119    (arp1 and arp2) -> mitm
     120