Asynchronous Transfer Mode (ATM) Networks: Security Vulnerability Research

Page Content

Susan Labonte

Susan Labonte - MITRE Corporation

Dec 03, 1999

Abstract

ATM networks are being implemented without widespread knowledge of whether security vulnerabilities are inherent in ATM protocols or vendors's implementations. Given the complexity of ATM, and that such complexity typically leads to vulnerabilities, it is likely that deployed ATM networks are vulnerable to attack. Network administrators may not be equipped to recognize the attacks or protect against them.

This talk will describe a project that is investigating security vulnerabilities in ATM networks and developing penetration tools to exploit them. A primary focus of the project is the ATM Forum's LAN Emulation (LANE), which is designed to allow existing LAN (e.g., Ethernet) applications to run over ATM networks. An area being researched is the use of traditional Ethernet attacks against Emulated LANs. Another area being researched is the inherent vulnerability of implementing the ATM Forum's LANE protocol as specified.

About the Speaker

Ms. Labonte received her B.S. in Electrical Engineering from Worcester Polytechnic Institute in 1986 and began working for MITRE on tactical data links for the military, with particular emphasis on international data link implementations, COMSEC issues, and interoperability testing. In 1998, she joined MITRE's Information Warfare and Secure Systems Engineering department as an INFOSEC Engineer, and has been involved with researching network vulnerabilities and demonstrating attack tools.

Footer

Intranet Site