Paper-Conference

Time To Scan: Digging into NTP-based IPv6 Scanning

Due to its large address space, IPv6 remains a challenge for Internet measurements. Thus, IPv6 scans often resort to hitlists that, however, mainly cover core Internet infrastructure and servers. Contrarily, a recent approach to source addresses leveraging NTP servers promises to discover more user-related hosts. Yet, an in-depth analysis of hosts found by this approach is missing and its impact remains unclear. In this paper, we close this gap by sourcing client IPv6 addresses from our NTP Pool servers and scanning related hosts. We get 3040325302 IPv6 addresses, unveiling 283867 deployments of consumer products underrepresented in a state-of-the-art hitlist, only leading to 37858 finds. Security-wise, we find that only 28.4% of 73975 NTP-sourced SSH and IoT-related hosts appear to be securely configured, compared to 43.5% of 854704 hosts in the hitlist, revealing previously underestimated security issues. Last, we switch sides and identify first (covert) actors adopting NTP-based address sourcing in their scanning.

Emulating and Evaluating Transport Layer Protocols for Resilient Communication in Smart Grids

The increasing integration of decentralized renewable energy resources and the drive for greater efficiency have accelerated the transition from traditional power grids to smart grids. This shift necessitates robust communication architectures to ensure grid stability and prevent blackouts. Fast and reliable communication is especially critical for exchanging measurements and configurations in adaptive grid protection systems, which must be resilient to link and device failures. Allowing the use of multiple communication paths within a single TCP connection, Multipath TCP (MPTCP)'s benefits have been well-researched in other domains but its potential for smart grids remains unexplored. In this paper, we address this gap by conducting a large-scale emulation of a real electric power distribution system's communication network, incorporating context-specific hardware. Our evaluation shows the feasibility and benefits of MPTCP for realizing failovers in smart grids compared to TCP and QUIC and explores the trade-offs of MPTCP's default and redundant schedulers in terms of usability and performance.

MapXchange: Designing a Confidentiality-Preserving Platform for Exchanging Technology Parameter Maps

Technology parameter maps summarize experiences with specific parameters in production processes, e.g., milling, and significantly help in designing new or improving existing production processes. Businesses could greatly benefit from globally exchanging such existing knowledge across organizations to optimize their processes. Unfortunately, confidentiality concerns and the lack of appropriate designs in existing data space frameworks—both in academia and industry—greatly impair respective actions in practice. To address this research gap, we propose MapXchange, our homomorphic encryption-based approach to combine technology parameters from different organizations into technology parameter maps while accounting for the confidentiality needs of involved businesses. Central to our design is that it allows for local modifications (updates) of these maps directly at the exchange platform. Moreover, data consumers can query them, without involving data providers, to eventually improve their setups. By evaluating a real-world use case in the domain of milling, we further underline MapXchange's performance, security, and utility for businesses.

Resilient Control Center to Substation Device Communication

Resilient communication is essential for reliably exchanging parameters and measurements in distribution systems. Thus, deploying redundant hardware for both local and wide area communication, along with protocols that leverage these redundancies for automatic and timely failovers, is fundamental. This paper presents a comprehensive overview of key protocols (PRP/HSR, MPLS-TP, and MPTCP) which offer robust recovery mechanisms. Additionally, it provides a specific concept and topology that effectively combine the presented protocols to ensure resilient communication from the control center to substation devices.

LUA-IoT: Let's Usably Authenticate the IoT

Following the advent of the Internet of Things (IoT), users and their devices transmit sensitive data over the Internet. For the Web, Let’s Encrypt offers a usable foundation to safeguard such data by straightforwardly issuing certificates. However, its approach is not directly applicable to the IoT as deployments lack a (dedicated) domain or miss essentials to prove domain ownership required for Let’s Encrypt. Thus, a usable approach to secure IoT deployments by properly authenticating IoT devices is missing. To close this research gap, we propose LUA-IoT, our framework to Let’s Usably Authenticate the IoT. LUA-IoT enables autonomous certificate enrollment by orienting at the success story of Let’s Encrypt, seamlessly integrating in the setup process of modern IoT devices, and relying on process steps that users already know from other domains. In the end, LUA-IoT binds the authenticity of IoT deployments to a globally valid user identifier, e.g., an email address, that is included in certificates directly issued to the IoT deployments. We exemplarily implement LUA-IoT to show that it is realizable on commodity IoT hardware and conduct a small user study indicating that LUA-IoT indeed nudges users to safeguard their devices and data (transmissions).

Reliable and Secure Control Center to Station Device Communication

The increasing demands on the power grid require intelligent and flexible solutions that ensure the grid's stability. Many of these measures involve sophisticated communication between the control center and the stations that is not efficiently realizable using traditional protocols, e.g., IEC 60870-5-104. To this end, IEC 61850 introduces data models which allow flexible communication. Still, the specification leaves open how DSOs should interconnect their stations to realize resilient communication between the control center and station devices. However, DSOs require such communication to adapt modern solutions increasing the grid's capacity, e.g., adaptive protection systems. In this paper, we present our envisioned network and communication concept for future DSO's ICT infrastructures that enables the control center to resiliently and flexibly communicate with station devices. For resilience, we suggest interconnecting each station with two distinct communication paths to the control center, use MPLS-TP and MPTCP for fast failovers when a single link fails, and mTLS to protect the communication possibilities against misuse. Additionally, in accordance with IEC 61850, we envision the control center to communicate with the station devices using MMS by using the station RTU as a proxy.

Unconsidered Installations: Discovering IoT Deployments in the IPv6 Internet

Internet-wide studies provide extremely valuable insight into how operators manage their Internet of Things (IoT) deployments in reality and often reveal grievances, e.g., significant security issues. However, while IoT devices often use IPv6, past studies resorted to comprehensively scan the IPv4 address space. To fully understand how the IoT and all its services and devices is operated, including IPv6-reachable deployments is inevitable-although scanning the entire IPv6 address space is infeasible. In this paper, we close this gap and examine how to best discover IPv6-reachable IoT deployments. To this end, we propose a methodology that allows combining various IPv6 scan direction approaches to understand the findability and prevalence of IPv6-reachable IoT deployments. Using three sources of active IPv6 addresses and eleven address generators, we discovered 6658 IoT deployments. We derive that the available address sources are a good starting point for finding IoT deployments. Additionally, we show that using two address generators is sufficient to cover most found deployments and save time as well as resources. Assessing the security of the deployments, we surprisingly find similar issues as in the IPv4 Internet, although IPv6 deployments might be newer and generally more up-to-date: Only 39% of deployments have access control in place and only 6.2% make use of TLS inviting attackers, e.g., to eavesdrop sensitive data.

Protocol Security in the Industrial Internet of Things

Advances like Industry 4.0 lead to a rising number of Internet-connected industrial deployments and thus an Industrial Internet of Things with growing attack vectors. To uphold a secure and safe operation of these deployments, industrial protocols nowadays include security features, e.g., end-to-end secure communication. However, so far, it is unclear how well these features are used in practice and which obstacles might prevent operators from securely running their deployments. In this research description paper, we summarize our recent research activities to close this gap. Specifically, we show that even secure-by-design protocols are by far no guarantee for secure deployments. Instead, many deployments still open the doors for eavesdropping attacks or malicious takeovers. Additionally, we give an outlook on how to overcome identified obstacles allowing operators to configure their deployments more securely.

Collectively Enhancing IoT Security: A Privacy-Aware Crowd-Sourcing Approach

Security configurations remain challenging for trained administrators. Nowadays, due to the advent of the Internet of Things (IoT), untrained users operate numerous and heterogeneous Internet-facing services in manifold use case-specific scenarios. In this work, we close the growing gap between the complexity of IoT security configuration and the expertise of the affected users. To this end, we propose ColPSA, a platform for collective and privacy-aware security advice that allows users to optimize their configuration by exchanging information about what security can be realized given their IoT deployment and scenario.

Poster: Bridging Trust Gaps: Data Usage Transparency in Federated Data Ecosystems