SENT Workshop Overview

With the emergence of new computing paradigms, networking experiences unprecedented transformation. Due to the proliferation of cloud computing and large datacenters, networks are faced with numerous new requirements. Smart and mobile devices enable seamless upload and download of multi-media content, thus putting tremendous pressure on the network infrastructure. Moreover, the increasing importance of online services for government, industry, and society requires highly available and efficient networking. Cyber-Physical Systems (CPS), such as Supervisory Control And Data Acquisition (SCADA) devices, are increasingly monitored and controlled over public communication networks. At the same time, the scale and range of devices in everyday settings (automotive, household, medical) is experiencing tremendous growth, resulting in the so-called Internet of Things (IoT) which prompts new security and privacy challenges. Unfortunately, not only applications are progressing, but also attacks are becoming increasingly sophisticated. Attacks on datacenters can result in data exfiltration. Mobile devices fall prey to compromises, creating the prospect of a large-scale botnet consisting of mobile devices. Recently, numerous online services were attacked, where hosts of large-scale botnets participated to attack a victim in a Distributed-Denial-of-Service (DDoS) attack. SCADA networks have also been targeted, perhaps the best known example being the Stuxnet malware.

In this environment, exciting research challenges arise. We will discuss emerging technologies: how they can help addressing these issues without introducing new vulnerabilities. Sample technologies include Software-Defined Networking (SDN) and Openflow, Content-Centric Networking (CCN) and Named-Data-Networking (NDN), and proposed Future Internet architectures. The goal of this workshop is to bring together academic and industry researchers together to discuss emerging problems, challenges, and potential solutions of these networking technologies.

Sunday, February 8
8:45 am Opening Remarks

Welcome Message from the chairs, Adrian Perrig and Gene Tsudik

9:00 am Keynote

Living in a World of Decentralized Data

Burt Kaliski, Senior Vice President & Chief Technology Officer, Verisign

10:00 am Coffee Break
10:30 am Congestion Attacks to Autonomous Cars Using Vehicular Botnets


Mevlut Turker Garip, Mehmet Emre Gursoy, Peter Reiher, and Mario Gerla

11:00 am  

Towards Autonomic DDoS Mitigation using Software Defined Networking


Rishikesh Sahay, Gregory Blanc, Zonghua Zhang, and Hervé Debar

11:30 am Classification of Quantum Repeater Attacks


Shigeya Suzuki and Rodney Van Meter

12:00 pm Inter-Flow Consistency: Novel SDN Update Abstraction for Supporting Inter-Flow Constraints


Weijie Liu, Rakesh B. Bobba, Sibin Mohan, and Roy H. Campbell

12:30 pm Lunch Break
1:30 pm Keynote

Security Challenges and Opportunities in the Future Internet

Ken Calvert, University of Kentucky

2:30 pm Coffee Break
3:00 pm Panel Discussion

Interactions between Security and Systems Researchers in FIA efforts

4:00 pm The Resilience of the Internet to Colluding Country Induced Connectivity DisruptionsPeter Mell, Richard Harang, and Assane Gueye
4:30 pm Certificates-as-an-Insurance: Incentivizing Accountability in SSL/TLS

Stephanos Matsumoto and Raphael M. Reischuk

 5:00 pm Towards Practical Infrastructure for Decoy Routing

Sambuddho Chakravarty, Vinayak Naik, Hrishikesh B. Acharya, and Chaitanya Singh Tanwar

 

Keynote: Living in a World of Decentralized Data

Dr. Burt Kaliski Jr. is senior vice president and chief technology officer of Verisign, where he is responsible for developing the company’s long-term technology vision. He is the leader of Verisign Labs, which focuses on applied research, university collaboration, industry thought leadership and intellectual property strategy. He also facilitates the technical community within Verisign.
Prior to joining Verisign in 2011, Kaliski served as the founding director of the EMC Innovation Network, the global collaboration among EMC’s research and advanced technology groups and its university partners. He joined EMC from RSA Security, where he served as vice president of research and chief scientist. Kaliski started his career at RSA in 1989, where as the founding scientist of RSA Laboratories, his contributions included the development of the Public-Key Cryptography Standards (PKCS), now widely deployed in internet security.
Kaliski has held appointments as a guest professor at Wuhan University’s College of Computer Science, and as a guest professor and member of the international advisory board of Peking University’s School of Software and Microelectronics. He has also taught at Stanford University and Rochester Institute of Technology.

Congestion Attacks to Autonomous Cars Using Vehicular Botnets

The increasing popularity and acceptance of VANETs will make the deployment of autonomous vehicles easier and faster since the VANET will reduce dependence on expensive sensors. However, these benefits are counterbalanced by possible security attacks. We demonstrate a VANET-based botnet attack in an autonomous vehicle scenario that can cause serious congestion by targeting hot spot road segments. We show via simulation that the attack can increase the trip times of the cars in the targeted area by orders of magnitude. After 5 minutes, the targeted road becomes completely unusable. More importantly, the effect of such an attack is not confined to a specific hotspot; the congestion can spread to multiple roads and significantly affect the entire urban grid. We show that current countermeasures are not effective, and point to new possible defenses.

Mevlut Turker Garip, Mehmet Emre Gursoy, Peter Reiher, and Mario Gerla

Classification of Quantum Repeater Attacks

In this paper, we discuss and classify attacks on quantum repeater systems. As engineers working in both classical and quantum networking, we naturally wish to apply the lessons learned in classical networks to minimize security issues with developing quantum networks. We have modeled quantum repeater network nodes, pointed out attack vectors, then analyzed attacks in terms of confidentiality, integrity and availability. While we are reassured about the promises of quantum networks from the confidentiality point of view, we observed that the requirements on the classical computing/networking element affect the systems’ overall security risks. We believe further study, especially on coordinated action between the quantum and classical parts, is important as we approach actual implementation of the Quantum Internet.

Shigeya Suzuki and Rodney Van Meter

Towards Autonomic DDoS Mitigation using Software Defined Networking

Distributed Denial of Service attacks (DDoS) have remained as one of the most destructive attacks in the Internet for over two decades. Despite tremendous efforts on the design of DDoS defense strategies, few of them have been considered for widespread deployment due to strong design assumptions on the Internet infrastructure, prohibitive operational costs and complexity. Recently, the emergence of Software Defined Networking (SDN) has offered a solution to reduce network management complexity. It is also believed to facilitate security management thanks to its programmability. To explore the advantages of using SDN to mitigate DDoS attacks, we propose a distributed collaborative framework to allow the customers to request DDoS mitigation service from ISPs. Upon the request, ISPs can change the label of the anomalous traffic and redirect them to security middleboxes, while attack detection and analysis modules are deployed at customer side, avoiding privacy leakage and other legal issues. Our work reported in this paper can be seen as one of the first attempts towards autonomic DDoS mitigation through the careful examination of the self-management capability of SDN. The prototype and preliminary analysis demonstrate that SDN has promising potential to enable autonomic mitigation of DDoS attacks, as well as other large-scale attacks.

Rishikesh Sahay, Gregory Blanc, Zonghua Zhang, and Hervé Debar

Inter-Flow Consistency: Novel SDN Update Abstraction for Supporting Inter-Flow Constraints

Software Defined Networks (SDN) gained a lot of attention both in industry and academia by providing flexibility in network management. With decoupled control and data plane, operators find it more convenient to configure and update their networks. However, transitional states of SDN during updates may be a combination of the old and new network configurations. This may lead to incorrectness in forwarding behaviors and security vulnerabilities. In this paper, we propose a novel abstraction for network update consistency, inter-flow consistency, that accounts for relationships and constraints among different flows during network updates. For two basic inter-flow consistency relationships, spatial isolation and version isolation, we propose an update scheduling algorithm based on dependency graphs, a data structure revealing dependency among different update operations and network elements. We also implement a prototype system with a Mininet Openflow network for spatial isolation and undertake a preliminary performance evaluation of our solution.

Weijie Liu, Rakesh B. Bobba, Sibin Mohan, and Roy H. Campbell

Keynote: Security Challenges and Opportunities in the Future Internet

Novel paradigms, new technologies, and escalating tussles make this the most interesting period in recent memory for networking research. Because of the Internet’s role as critical infrastructure, security considerations will continue to play a central role in the quest for the next generation architecture. In this talk we will consider some recent developments and ask two questions: “[How] Will this make the Internet better/more secure?” and “What obstacles remain to be overcome?” We will focus mainly on information-centric networking, economic tussles, and the challenge of evolving the network architecture at the network layer and above. Ken Calvert is Gartner Group Professor in Network Engineering at the University of Kentucky. His research deals with the design and implementation of advanced network protocols and services. Current interests include ChoiceNet, an effort to encourage innovation through competition by developing an “economy plane” for the future Internet; privacy-preserving methods of collecting data on home network usage; and information-centric networking. He developed one of the first widely-used tools for modeling the topology of the Internet, and is the coauthor of several introductory books on network programming. He is a member of the ACM and a Fellow of the IEEE.

Ken Calvert, University of Kentucky

Panel Discussion: Challenges of Building Security into Large Networking Systems – the case of NSF Future Internet Architectures (FIA)

Participants

  • Darleen Fisher (NSF)
  • J. Alex Halderman (U Michigan)
  • Antonio Nicolosi (Stevens)
  • Adrian Perrig (ETH Zurich)
  • Arun Venkataramani (UMass)

The NSF Future Internet Architectures (FIA) program is an unprecedented effort that funded four large research initiatives with the goal of developing a set of candidate replacement architectures for the current IP-based Internet. NSF FIA emphasized security and privacy by design (i.e., from the outset), for each project: Nebula, MobilityFirst, NDN and XIA. To this end, each project team prominently featured both networking and security researchers. Such large-scale and long-term collaboration between the two research communities is rare, but might become more prevalent in future large scale systems research projects. Furthermore, effective collaboration became one of the key contributors to each project’s success.

Four years after initial funding, with the first (research-focused) phase of the FIA program completed, this panel aims to gather a group of researchers from both communities and take an honest look back at successes, failures and fundamental challenges arising from trying to design security into networking systems and in the security/networking collaboration.

The Resilience of the Internet to Colluding Country Induced Connectivity Disruptions

We show that the strength of Internet-based network interconnectivity of countries is increasing over time. We then evaluate bounds on the extent to which a group of colluding countries can disrupt this connectivity. We evaluate the degree to which a group of countries can disconnect two other countries, isolate a set of countries from the Internet, or even break the Internet up into non-communicative clusters. To do this, we create an interconnectivity map of the worldwide Internet routing infrastructure at a country level of abstraction. We then examine how groups of countries may use their pieces of routing infrastructure to filter out the traffic of other countries (or to block entire routes). Overall, bounds analysis indicates that the ability of countries to perform such disruptions to connectivity has diminished significantly from 2008 to 2013. However, we show that the majority of the gains in robustness go to countries that had already displayed significant robustness to the types of attacks that we consider. The countries that displayed higher initial vulnerability to such attacks did not become significantly more robust over the time period of analysis.

Peter Mell, Richard Harang, and Assane Gueye

Certificates-as-an-Insurance: Incentivizing Accountability in SSL/TLS

We propose to leverage accountability mechanisms to deal with trust-related security incidents of certification authorities (CAs) in the SSL/TLS public-key infrastructure (PKI). We argue that, despite recent advances in securing certificate issuance and verification, the TLS PKI does not sufficiently incentivize careful identity verification by CAs during certificate issuance or provide CA accountability in the event of a certificate compromise. We propose a new paradigm, Certificates-as-an-Insurance, to hold CAs accountable for misbehavior by using insurance policies and benefits negotiated between the CA and the domain. We sketch our insurance model as an extension of the existing certification model and identify challenges in our approach for future research.

Stephanos Matsumoto and Raphael M. Reischuk

Towards Practical Infrastructure for Decoy Routing

Network censorship and surveillance generally involves ISPs, working under the orders of repressive regimes, monitoring (and sometimes filtering) users’ traffic, often using powerful networking devices, e.g. routers capable of performing Deep Packet Inspection (DPI). Such routers enables their operators to observe contents of network flows (traversing their routers) having specific byte sequences. Tor, a low-latency anonymity network has also been widely used to circumvent censorship and surveillance. However, recent efforts have shown that all anti-censorship measures employable using Tor, e.g. Bridges (unadvertised relays) or camouflaging Tor traffic as unfiltered protocol messages (e.g. SkypeMorph), are detectable. To bypass this arms race, several recent efforts propose network based anti- censorship systems, collectively and colloquially referred to as Decoy Routers. Decoy Routing systems, relying on “friendly” network routers, aid users behind censorious ISPs to covertly access filtered networks. These Decoy Routers, otherwise operating as “normal” network routers, can on-demand double as Decoy Routers, for- warding network traffic of censored users to covert destinations. Such architectures however assume complex functionalities and programmable capabilities in commodity network routers, that currently seem infeasible. However Software Defined Networking (SDN), the emergent network design and management paradigm, involving centralized control over a network of switches, seems well suited for such requirements. In this paper, we present the overview of a network based anti-censorship system consisting of several centrally co-ordinated switches, operating as Decoy Routers. Deploying centrally controlled switches, that double as Decoy Routers, could potentially have several advantages over existing proposal, that have until now only been prototyped through commodity desktops – efficiency to switch traffic at line speeds, detecting maliciously behaving switches, cascading multiple Decoy Routers to assume a hybrid posture for providing both anonymity and censorship resistance, load-balancing, and automatic failover.

Sambuddho Chakravarty, Vinayak Naik, Hrishikesh B. Acharya, and Chaitanya Singh Tanwar