Do we have the time for IRM?: Service denial attacks and SDN-based defences

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

Abstract

Distributed sensor networks such as IoT deployments generate large quantities of measurement data. Often, the analytics that runs on this data is available as a web service which can be purchased for a fee. A major concern in the analytics ecosystem is ensuring the security of the data. Often, companies offer Information Rights Management (IRM) as a solution to the problem of managing usage and access rights of the data that transits administrative boundaries. IRM enables individuals and corporations to create restricted IoT data, which can have its flow from organisation to individual control - disabling copying, forwarding, and allowing timed expiry. We describe our investigations into this functionality and uncover a weak-spot in the architecture - its dependence upon the accurate global availability of time. We present an amplified denial-of-service attack which attacks time synchronisation and could prevent all the users in an organisation from reading any sort of restricted data until their software has been re-installed and re-configured. We argue that IRM systems built on current technology will be too fragile for businesses to risk widespread use. We also present defences that leverage the capabilities of Software-Defined Networks to apply a simple filter-based approach to detect and isolate attack traffic.

LanguageEnglish
Title of host publicationICDCN 2019 - Proceedings of the 2019 International Conference on Distributed Computing and Networking
Place of PublicationNew York
Pages496-501
Number of pages6
ISBN (Electronic)9781450360944
DOIs
Publication statusPublished - 4 Jan 2019
Event20th International Conference on Distributed Computing and Networking, ICDCN 2019 - Bangalore, India
Duration: 4 Jan 20197 Jan 2019

Conference

Conference20th International Conference on Distributed Computing and Networking, ICDCN 2019
CountryIndia
CityBangalore
Period4/01/197/01/19

Fingerprint

Industry
Copying
Ecosystems
Web services
Sensor networks
Synchronization
Availability
Software defined networking
Internet of things
Denial-of-service attack

Keywords

  • security
  • SDN
  • DRM

Cite this

Shah, R., & Nagaraja, S. (2019). Do we have the time for IRM? Service denial attacks and SDN-based defences. In ICDCN 2019 - Proceedings of the 2019 International Conference on Distributed Computing and Networking (pp. 496-501). New York. https://doi.org/10.1145/3288599.3295582
Shah, Ryan ; Nagaraja, Shishir. / Do we have the time for IRM? Service denial attacks and SDN-based defences. ICDCN 2019 - Proceedings of the 2019 International Conference on Distributed Computing and Networking. New York, 2019. pp. 496-501
@inproceedings{00e12921f9fa4373b6b7534688971c0a,
title = "Do we have the time for IRM?: Service denial attacks and SDN-based defences",
abstract = "Distributed sensor networks such as IoT deployments generate large quantities of measurement data. Often, the analytics that runs on this data is available as a web service which can be purchased for a fee. A major concern in the analytics ecosystem is ensuring the security of the data. Often, companies offer Information Rights Management (IRM) as a solution to the problem of managing usage and access rights of the data that transits administrative boundaries. IRM enables individuals and corporations to create restricted IoT data, which can have its flow from organisation to individual control - disabling copying, forwarding, and allowing timed expiry. We describe our investigations into this functionality and uncover a weak-spot in the architecture - its dependence upon the accurate global availability of time. We present an amplified denial-of-service attack which attacks time synchronisation and could prevent all the users in an organisation from reading any sort of restricted data until their software has been re-installed and re-configured. We argue that IRM systems built on current technology will be too fragile for businesses to risk widespread use. We also present defences that leverage the capabilities of Software-Defined Networks to apply a simple filter-based approach to detect and isolate attack traffic.",
keywords = "security, SDN, DRM",
author = "Ryan Shah and Shishir Nagaraja",
year = "2019",
month = "1",
day = "4",
doi = "10.1145/3288599.3295582",
language = "English",
pages = "496--501",
booktitle = "ICDCN 2019 - Proceedings of the 2019 International Conference on Distributed Computing and Networking",

}

Shah, R & Nagaraja, S 2019, Do we have the time for IRM? Service denial attacks and SDN-based defences. in ICDCN 2019 - Proceedings of the 2019 International Conference on Distributed Computing and Networking. New York, pp. 496-501, 20th International Conference on Distributed Computing and Networking, ICDCN 2019, Bangalore, India, 4/01/19. https://doi.org/10.1145/3288599.3295582

Do we have the time for IRM? Service denial attacks and SDN-based defences. / Shah, Ryan; Nagaraja, Shishir.

ICDCN 2019 - Proceedings of the 2019 International Conference on Distributed Computing and Networking. New York, 2019. p. 496-501.

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

TY - GEN

T1 - Do we have the time for IRM?

T2 - Service denial attacks and SDN-based defences

AU - Shah, Ryan

AU - Nagaraja, Shishir

PY - 2019/1/4

Y1 - 2019/1/4

N2 - Distributed sensor networks such as IoT deployments generate large quantities of measurement data. Often, the analytics that runs on this data is available as a web service which can be purchased for a fee. A major concern in the analytics ecosystem is ensuring the security of the data. Often, companies offer Information Rights Management (IRM) as a solution to the problem of managing usage and access rights of the data that transits administrative boundaries. IRM enables individuals and corporations to create restricted IoT data, which can have its flow from organisation to individual control - disabling copying, forwarding, and allowing timed expiry. We describe our investigations into this functionality and uncover a weak-spot in the architecture - its dependence upon the accurate global availability of time. We present an amplified denial-of-service attack which attacks time synchronisation and could prevent all the users in an organisation from reading any sort of restricted data until their software has been re-installed and re-configured. We argue that IRM systems built on current technology will be too fragile for businesses to risk widespread use. We also present defences that leverage the capabilities of Software-Defined Networks to apply a simple filter-based approach to detect and isolate attack traffic.

AB - Distributed sensor networks such as IoT deployments generate large quantities of measurement data. Often, the analytics that runs on this data is available as a web service which can be purchased for a fee. A major concern in the analytics ecosystem is ensuring the security of the data. Often, companies offer Information Rights Management (IRM) as a solution to the problem of managing usage and access rights of the data that transits administrative boundaries. IRM enables individuals and corporations to create restricted IoT data, which can have its flow from organisation to individual control - disabling copying, forwarding, and allowing timed expiry. We describe our investigations into this functionality and uncover a weak-spot in the architecture - its dependence upon the accurate global availability of time. We present an amplified denial-of-service attack which attacks time synchronisation and could prevent all the users in an organisation from reading any sort of restricted data until their software has been re-installed and re-configured. We argue that IRM systems built on current technology will be too fragile for businesses to risk widespread use. We also present defences that leverage the capabilities of Software-Defined Networks to apply a simple filter-based approach to detect and isolate attack traffic.

KW - security

KW - SDN

KW - DRM

UR - http://www.scopus.com/inward/record.url?scp=85060917556&partnerID=8YFLogxK

U2 - 10.1145/3288599.3295582

DO - 10.1145/3288599.3295582

M3 - Conference contribution book

SP - 496

EP - 501

BT - ICDCN 2019 - Proceedings of the 2019 International Conference on Distributed Computing and Networking

CY - New York

ER -

Shah R, Nagaraja S. Do we have the time for IRM? Service denial attacks and SDN-based defences. In ICDCN 2019 - Proceedings of the 2019 International Conference on Distributed Computing and Networking. New York. 2019. p. 496-501 https://doi.org/10.1145/3288599.3295582