URLink: Using Names As Sole Internet Addresses to Tackle Scanning Attacks in IoT

De Coninck, Quentin; Kalantari, Shirin; Sion, Laurens; Hughes, Danny

doi:10.1145/3628356.3630115

Download

Paper published in a journal (Scientific congresses and symposiums)

URLink: Using Names As Sole Internet Addresses to Tackle Scanning Attacks in IoT

De Coninck, Quentin; Kalantari, Shirin; Sion, Laurens et al.

2023 • In SensorsS&P: Proceedings of the First International Workshop on Security and Privacy of Sensing Systems, p. 15-21

Peer reviewed

Permalink
https://hdl.handle.net/20.500.12907/46705

DOI
10.1145/3628356.3630115

Files (1)Send to Details Statistics Bibliography Similar publications

Files

Full Text

Sensors_S_P.pdf

Author postprint (1.85 MB)

Download

All documents in ORBi UMONS are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Keywords :

Scanning attacks; DoS; QUIC

Abstract :

[en] The Internet adopts a layered architecture where IP addresses are used to identify endpoints and port numbers serves as application multiplexers over a single host. Nowadays, names are usually used to expose a service to public access. However, even with the current DNS architecture, nodes must still know what the running host’s IP address and service’s port number are to access the service. In fact, any node can directly contact a publicly available node, sometimes for other purposes than accessing its public services. This is specially a challenge in IoT as highlighted by numerous high-profile DDoS attacks which leverage Internet scanning to find vulnerable IoT nodes. Defending against this is often a challenge for service operators. This paper questions this current architecture and calls for an alternative called URLink, where names are used as the sole identifier and access door towards a service. Through a new network abstraction called URLSocket, clients are no longer aware of the public service’s IP address and port number. We argue that such an approach is beneficial for IoT networks, as it can be used to address various security and privacy issues in these network. While such an architecture calls for changes in the client application stacks, existing applications (e.g. those running on an IoT node) can still leverage the proposed system in the current Internet.

Disciplines :

Computer science

Author, co-author :

De Coninck, Quentin ; Université de Mons - UMONS > Faculté Polytechniqu > Service de Cybersécurité et Systèmes Informatiques

Kalantari, Shirin ; DistriNet, KU Leuven, Leuven, Belgium

Sion, Laurens ; DistriNet, KU Leuven, Leuven, Belgium

Hughes, Danny ; DistriNet, KU Leuven, Leuven, Belgium

Language :

English

Title :

URLink: Using Names As Sole Internet Addresses to Tackle Scanning Attacks in IoT

Publication date :

12 November 2023

Event name :

First International Workshop on Security and Privacy of Sensing Systems (Sensors S&P 2023)

Event organizer :

Association for Computing Machinery

Event place :

Istanbul, Turkey

Event date :

12 November 2023

Audience :

International

Journal title :

SensorsS&P: Proceedings of the First International Workshop on Security and Privacy of Sensing Systems

Publisher :

Association for Computing Machinery, New York, United States - New York

Pages :

15-21

Peer reviewed :

Peer reviewed

Additional URL :

https://dl.acm.org/doi/pdf/10.1145/3628356.3630115

Research unit :

F115 - Service de Cybersécurité et Systèmes Informatiques

Research institute :

Infortech

Available on ORBi UMONS :

since 17 November 2023

Statistics

Number of views

10 (4 by UMONS)

Number of downloads

38 (7 by UMONS)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

OpenAlex citations

Bibliography

Prashant Anantharaman, Liwei Song, Ioannis Agadakos, Gabriela Ciocarlie, Bogdan Copos, Ulf Lindqvist, and Michael E. Locasto. 2020. IoTHound: Environment-Agnostic Device Identification and Monitoring. In Proceedings of the 10th International Conference on the Internet of Things (Malmö, Sweden) (IoT '20). Association for Computing Machinery, New York, NY, USA, Article 7, 9 pages. https://doi.org/10.1145/3410992.3410993
Manos Antonakakis, Tim April, Michael Bailey, MatthewBernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, and Yi Zhou. 2017. Understanding the Mirai Botnet. In Proceedings of the 26th USENIX Conference on Security Symposium (Vancouver, BC, Canada) (SEC'17). USENIX Association, 1093-1110.
Apple. 2021. iCloud Private Relay Overview. https://www.apple.com/privacy/ docs/iCloud_Private_Relay_Overview_Dec2021.PDF.
Robert Beverly, Ramakrishnan Durairajan, David Plonka, and Justin P Rohrer. 2018. In the IP of the beholder: Strategies for active IPv6 topology discovery. In Proceedings of the Internet Measurement Conference 2018. 308-321.
Mike Bishop. 2022. HTTP/3. RFC 9114. https://doi.org/10.17487/RFC9114
Chromium Blog. 2020. Chrome is deploying HTTP/3 and IETF QUIC. https: //blog.chromium.org/2020/10/chrome-is-deploying-http3-and-ietf-quic.html.
Carna Botnet. 2012. Internet Census 2012:Port scanning /0 using insecure embedded devices. https://census2012.sourceforge.net/paper.html.
Cloudflare. 2023. quiche. https://github.com/cloudflare/quiche.
Consumer Reports. 2017. Consumer Reports Launches Digital Standard, Begins Evaluating Products, Services for Privacy and Data Security. https://www.consumerreports.org/privacy/consumer-reports-to-beginevaluating-products-services-for-privacy-and-data-security-a2018541943/.
Roger Dingledine, Nick Mathewson, and Paul Syverson. 2004. Tor: The secondgeneration onion router. Technical Report. Naval Research Lab Washington DC.
Zakir Durumeric, David Adrian, Ariana Mirian, Michael Bailey, and J. Alex Halderman. 2015. A Search Engine Backed by Internet-Wide Scanning. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS '15). Association for Computing Machinery, New York, NY, USA, 542-553. https://doi.org/10.1145/2810103.2813703
Zakir Durumeric, Eric Wustrow, and J Alex Halderman. 2013. {ZMap}: Fast Internet-wide Scanning and Its Security Applications. In 22nd USENIX Security Symposium (USENIX Security 13). USA, 605-620.
Ericsson. 2023. Ericsson Mobility Report. https://www.ericsson.com/ 49dd9d/assets/local/reports-papers/mobility-report/documents/2023/ericssonmobility-report-june-2023.pdf.
Roy T. Fielding, Mark Nottingham, and Julian Reschke. 2022. HTTP Semantics. RFC 9110. https://doi.org/10.17487/RFC9110
Andy Greenberg. 2015. Hackers Remotely Kill a Jeep on the Highway. https: //www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/.
Mark Gritter and David R. Cheriton. 2001. An Architecture for Content Routing Support in the Internet. In Proceedings of the 3rd Conference on USENIX Symposium on Internet Technologies and Systems-Volume 3 (San Francisco, California) (USITS'01). USENIX Association, USA, 4.
Arnt Gulbrandsen and Dr. Levon Esibov. 2000. A DNS RR for specifying the location of services (DNS SRV). RFC 2782. https://doi.org/10.17487/RFC2782
Paul E. Hoffman. 2023. DNS Security Extensions (DNSSEC). RFC 9364. https: //doi.org/10.17487/RFC9364
Christian Huitema, Sara Dickinson, and Allison Mankin. 2022. DNS over Dedicated QUIC Connections. RFC 9250. https://doi.org/10.17487/RFC9250
Jana Iyengar and Martin Thomson. 2021. QUIC: A UDP-Based Multiplexed and Secure Transport. RFC 9000. https://doi.org/10.17487/RFC9000
Liz Izhikevich, Renata Teixeira, and Zakir Durumeric. 2021. LZR: Identifying Unexpected Internet Services. In USENIX Security Symposium. 3111-3128.
Liz Izhikevich, Renata Teixeira, and Zakir Durumeric. 2022. Predicting IPv4 Services across All Ports. In Proceedings of the ACM SIGCOMM 2022 Conference (Amsterdam, Netherlands) (SIGCOMM '22). Association for Computing Machinery, New York, NY, USA, 503-515. https://doi.org/10.1145/3544216.3544249
Van Jacobson, Diana K. Smetters, James D. Thornton, Michael F. Plass, Nicholas H. Briggs, and Rebecca L. Braynard. 2009. Networking Named Content. In Proceedings of the 5th International Conference on Emerging Networking Experiments and Technologies (Rome, Italy) (CoNEXT '09). Association for Computing Machinery, New York, NY, USA, 1-12. https://doi.org/10.1145/1658939.1658941
Level 3 Threat Research Labs. 2016. Attack of Things! https://web.archive.org/ web/20161003194500/http://blog.level3.com/security/attack-of-things/.
Linda Markowsky and George Markowsky. 2015. Scanning for Vulnerable Devices in the Internet of Things. In 2015 IEEE 8th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS) (Warsaw, Poland). IEEE Press, 463-467. https: //doi.org/10.1109/IDAACS.2015.7340779
Jomile Nakutaviiute. 2018. Hacker terrorizes family by hijacking baby monitor. https://nordvpn.com/blog/baby-monitor-iot-hacking/.
Lily Hay Newman. 2016. What We Know About Friday's Massive East Coast Internet Outage. DNS service Dyn faces DDoS attacks. https://www.wired.com/ 2016/10/internet-outage-ddos-dns-dyn/.
Erik Nordström, David Shue, Prem Gopalan, Rob Kiefer, Matvey Arye, Steven Ko, Jennifer Rexford, and Michael J. Freedman. 2012. Serval: An End-Host Stack for Service-Centric Networking. In 9th USENIX Symposium on Networked Systems Design and Implementation (NSDI 12). USENIX Association, San Jose, CA, 85-98. https://www.usenix.org/conference/nsdi12/technical-sessions/presentation/ nordstrom
Jose Pagliery. 2014. Internet of fails: What's wrong with connected devices. https: //money.cnn.com/2014/10/08/technology/security/internet-of-things-security.
Tommy Pauly, Eric Kinnear, and David Schinazi. 2022. An Unreliable Datagram Extension to QUIC. RFC 9221. https://doi.org/10.17487/RFC9221
Check Point. 2018. Faxploit: New Check Point Research Reveals How Criminals Can Target Company & Private Fax Machines to Take Over Networks and Spread Malware. https://www.checkpoint.com/press-releases/faxploit-new-checkpoint-research-reveals-criminals-can-target-company-private-fax-machinestake-networks-spread-malware/.
Elvira Rodríguez, Arman Noroozian, Michel van Eeten, and Carlos Hernandez Gañán. 2021. Superspreaders: Quantifying the Role of IoT Manufacturers in Device Infections., 18 pages.
Lucas Ropek. 2021. A Home Security Worker Hacked Into Surveillance Systems to Watch People Have Sex. https://gizmodo.com/a-home-security-workerhacked-into-surveillance-systems-1846111569.
Said Jawad Saidi, Anna Maria Mandalari, Hamed Haddadi, Daniel J. Dubois, David Choffnes, Georgios Smaragdakis, and Anja Feldmann. 2021. Detecting Consumer IoT Devices through the Lens of an ISP. In Proceedings of the Applied Networking Research Workshop (Virtual Event, USA) (ANRW '21). Association for Computing Machinery, New York, NY, USA, 36-38. https://doi.org/10.1145/3472305.3472885
Paul Schmitt, Jana Iyengar, Christopher Wood, and Barath Raghavan. 2022. The decoupling principle: a practical privacy framework. In Proceedings of the 21st ACM Workshop on Hot Topics in Networks. 213-220.
Satyajit Sinha. 2023. State of IoT 2023: Number of connected IoT devices growing 16% to 16.7 billion globally. https://iot-analytics.com/number-connected-iotdevices/.
Shreyas Srinivasa, Jens Myrup Pedersen, and Emmanouil Vasilomanolakis. 2021. Open for Hire: Attack Trends and Misconfiguration Pitfalls of IoT Devices. Association for Computing Machinery, New York, NY, USA, 195-215. https://doi.org/10.1145/3487552.3487833
Tim Wright, Simon Blake-Wilson, Jan Mikkelsen, Magnus Nystrom, and David Hopwood. 2006. Transport Layer Security (TLS) Extensions. RFC 4366. https: //doi.org/10.17487/RFC4366
Haitao Xu, Zhao Li, Chen Chu, Yuanmi Chen, Yifan Yang, Haifeng Lu, Haining Wang, and Angelos Stavrou. 2018. Detecting and characterizing web bot traffic in a large e-commerce marketplace. In Computer Security: 23rd European Symposium on Research in Computer Security, ESORICS 2018, Barcelona, Spain, September 3-7, 2018, Proceedings, Part II 23. Springer, 143-163.
Zeljka Zorz. 2016. Insecure pacemakers can be easily hacked. https://www. helpnetsecurity.com/2016/12/01/insecure-pacemakers-easily-hacked/.