Authenticating Endpoints and Vetting Connections in Residential Networks

Yu Liu; Curtis R. Taylor; Craig A. Shue

doi:10.1109/ICCNC.2019.8685568

Authenticating Endpoints and Vetting Connections in Residential Networks

Yu Liu
, Curtis R. Taylor
, Craig A. Shue

Embedded Systems Security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

5 Scopus citations

Abstract

The security of residential networks can vary greatly. These networks are often administrated by end-users who may lack security expertise or the resources to adequately defend their networks. Insecure residential networks provide attackers with opportunities to infiltrate systems and create a platform for launching powerful attacks. To address these issues, we introduce a new approach that uses software-defined networking (SDN) to allow home users to outsource their security maintenance to a cloud-based service provider. Using this architecture, we show how a novel network-based two-factor authentication approach can be used to protect Internet of Things devices. Our approach works without requiring modifications to end-devices. We further show how security modules can enforce protocol messages to limit the attack surface in vulnerable devices. Our analysis shows that the system is effective and adds less than 50 milliseconds of delay to the start of a connection with less than 100 microseconds of delay for subsequent packets.

Original language	English
Title of host publication	2019 International Conference on Computing, Networking and Communications, ICNC 2019
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	136-140
Number of pages	5
ISBN (Electronic)	9781538692233
DOIs	https://doi.org/10.1109/ICCNC.2019.8685568
State	Published - Apr 8 2019
Event	2019 International Conference on Computing, Networking and Communications, ICNC 2019 - Honolulu, United States Duration: Feb 18 2019 → Feb 21 2019

Publication series

Name	2019 International Conference on Computing, Networking and Communications, ICNC 2019

Conference

Conference	2019 International Conference on Computing, Networking and Communications, ICNC 2019
Country/Territory	United States
City	Honolulu
Period	02/18/19 → 02/21/19

Funding

This material is based upon work supported by the National Science Foundation under Grant No. 1651540. ACKNOWLEDGMENTS This material is based upon work supported by the National Science Foundation under Grant No. 1651540.

Keywords

residential networks
software-defined networking
two-factor authentication

Access to Document

10.1109/ICCNC.2019.8685568

Cite this

Liu, Y., Taylor, C. R., & Shue, C. A. (2019). Authenticating Endpoints and Vetting Connections in Residential Networks. In 2019 International Conference on Computing, Networking and Communications, ICNC 2019 (pp. 136-140). Article 8685568 (2019 International Conference on Computing, Networking and Communications, ICNC 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICCNC.2019.8685568

@inproceedings{27c22124b80f4e73b03222c47497686f,

title = "Authenticating Endpoints and Vetting Connections in Residential Networks",

abstract = "The security of residential networks can vary greatly. These networks are often administrated by end-users who may lack security expertise or the resources to adequately defend their networks. Insecure residential networks provide attackers with opportunities to infiltrate systems and create a platform for launching powerful attacks. To address these issues, we introduce a new approach that uses software-defined networking (SDN) to allow home users to outsource their security maintenance to a cloud-based service provider. Using this architecture, we show how a novel network-based two-factor authentication approach can be used to protect Internet of Things devices. Our approach works without requiring modifications to end-devices. We further show how security modules can enforce protocol messages to limit the attack surface in vulnerable devices. Our analysis shows that the system is effective and adds less than 50 milliseconds of delay to the start of a connection with less than 100 microseconds of delay for subsequent packets.",

keywords = "residential networks, software-defined networking, two-factor authentication",

author = "Yu Liu and Taylor, \{Curtis R.\} and Shue, \{Craig A.\}",

note = "Publisher Copyright: {\textcopyright} 2019 IEEE.; 2019 International Conference on Computing, Networking and Communications, ICNC 2019 ; Conference date: 18-02-2019 Through 21-02-2019",

year = "2019",

month = apr,

day = "8",

doi = "10.1109/ICCNC.2019.8685568",

language = "English",

series = "2019 International Conference on Computing, Networking and Communications, ICNC 2019",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "136--140",

booktitle = "2019 International Conference on Computing, Networking and Communications, ICNC 2019",

}

Liu, Y, Taylor, CR & Shue, CA 2019, Authenticating Endpoints and Vetting Connections in Residential Networks. in 2019 International Conference on Computing, Networking and Communications, ICNC 2019., 8685568, 2019 International Conference on Computing, Networking and Communications, ICNC 2019, Institute of Electrical and Electronics Engineers Inc., pp. 136-140, 2019 International Conference on Computing, Networking and Communications, ICNC 2019, Honolulu, United States, 02/18/19. https://doi.org/10.1109/ICCNC.2019.8685568

Authenticating Endpoints and Vetting Connections in Residential Networks. / Liu, Yu; Taylor, Curtis R.; Shue, Craig A.
2019 International Conference on Computing, Networking and Communications, ICNC 2019. Institute of Electrical and Electronics Engineers Inc., 2019. p. 136-140 8685568 (2019 International Conference on Computing, Networking and Communications, ICNC 2019).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Authenticating Endpoints and Vetting Connections in Residential Networks

AU - Liu, Yu

AU - Taylor, Curtis R.

AU - Shue, Craig A.

PY - 2019/4/8

Y1 - 2019/4/8

N2 - The security of residential networks can vary greatly. These networks are often administrated by end-users who may lack security expertise or the resources to adequately defend their networks. Insecure residential networks provide attackers with opportunities to infiltrate systems and create a platform for launching powerful attacks. To address these issues, we introduce a new approach that uses software-defined networking (SDN) to allow home users to outsource their security maintenance to a cloud-based service provider. Using this architecture, we show how a novel network-based two-factor authentication approach can be used to protect Internet of Things devices. Our approach works without requiring modifications to end-devices. We further show how security modules can enforce protocol messages to limit the attack surface in vulnerable devices. Our analysis shows that the system is effective and adds less than 50 milliseconds of delay to the start of a connection with less than 100 microseconds of delay for subsequent packets.

AB - The security of residential networks can vary greatly. These networks are often administrated by end-users who may lack security expertise or the resources to adequately defend their networks. Insecure residential networks provide attackers with opportunities to infiltrate systems and create a platform for launching powerful attacks. To address these issues, we introduce a new approach that uses software-defined networking (SDN) to allow home users to outsource their security maintenance to a cloud-based service provider. Using this architecture, we show how a novel network-based two-factor authentication approach can be used to protect Internet of Things devices. Our approach works without requiring modifications to end-devices. We further show how security modules can enforce protocol messages to limit the attack surface in vulnerable devices. Our analysis shows that the system is effective and adds less than 50 milliseconds of delay to the start of a connection with less than 100 microseconds of delay for subsequent packets.

KW - residential networks

KW - software-defined networking

KW - two-factor authentication

UR - https://www.scopus.com/pages/publications/85064981561

U2 - 10.1109/ICCNC.2019.8685568

DO - 10.1109/ICCNC.2019.8685568

M3 - Conference contribution

AN - SCOPUS:85064981561

T3 - 2019 International Conference on Computing, Networking and Communications, ICNC 2019

SP - 136

EP - 140

BT - 2019 International Conference on Computing, Networking and Communications, ICNC 2019

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2019 International Conference on Computing, Networking and Communications, ICNC 2019

Y2 - 18 February 2019 through 21 February 2019

ER -

Liu Y, Taylor CR, Shue CA. Authenticating Endpoints and Vetting Connections in Residential Networks. In 2019 International Conference on Computing, Networking and Communications, ICNC 2019. Institute of Electrical and Electronics Engineers Inc. 2019. p. 136-140. 8685568. (2019 International Conference on Computing, Networking and Communications, ICNC 2019). doi: 10.1109/ICCNC.2019.8685568

Authenticating Endpoints and Vetting Connections in Residential Networks

Abstract

Publication series

Conference

Funding

Keywords

Access to Document

Other files and links

Fingerprint

Cite this