More Web Proxy on the site http://driver.im/

research-article

Toward Usable Network Traffic Policies for IoT Devices in Consumer Networks

Authors:

Nicholas DeMarinis,

Rodrigo FonsecaAuthors Info & Claims

IoTS&P '17: Proceedings of the 2017 Workshop on Internet of Things Security and Privacy

Pages 43 - 48

https://doi.org/10.1145/3139937.3139949

Published: 03 November 2017 Publication History

Abstract

The Internet of Things (IoT) revolution has brought millions of small, low-cost, connected devices into our homes, cities, infrastructure, and more. However, these devices are often plagued by security vulnerabilities that pose threats to user privacy or can threaten the Internet architecture as a whole. Home networks can be particularly vulnerable to these threats as they typically have no network administrator and often contain unpatched or otherwise vulnerable devices.

In this paper, we argue that the unique security challenges of home networks require a new network-layer architecture to both protect against external threats and mitigate attacks from compromised devices. We present initial findings based on traffic analysis from a small-scale IoT testbed toward identifying predictable patterns in IoT traffic that may allow construction of a policy-based framework to restrict malicious traffic. Based on our observations, we discuss key features for the design of this architecture to promote future developments in network-layer security in smart home networks.

References

[1]

Amazon 2017. Amazon Echo Dot. (2017). Retrieved August 18, 2017 from https://goo.gl/nMD3Wk

[2]

Apple 2017. HomeKit. (2017). Retrieved August 18, 2017 from https://www.apple.com/ios/home/

[3]

Dahua Technology Co. 2017. Dahua IPC-HCB4300C. (2017). Retrieved August 18, 2017 from https://goo.gl/Js1dMo

[4]

Nick Feamster. 2010. Outsourcing home network security. In Proceedings of the 2010 ACM SIGCOMM workshop on Home networks. ACM, 37--42.

Digital Library

[5]

Earlence Fernandes, Jaeyeon Jung, and Atul Prakash. 2016. Security Analysis of Emerging Smart Home Applications Proceedings of the 37th IEEE Symposium on Security and Privacy.

[6]

Earlence Fernandes, Justin Paupore, Amir Rahmati, Daniel Simionato, Mauro Conti, and Atul Prakash. 2016. FlowFence: Practical Data Protection for Emerging IoT Application Frameworks Proceedings of the 25th USENIX Security Symposium.

[7]

Google 2017. Google Chromecast. (2017). Retrieved August 18, 2017 from https://www.google.com/chromecast/tv/chromecast/

[8]

Sarthak Grover and Nick Feamster. 2016. The Internet of Unpatched Things. Proc. FTC PrivacyCon (2016).

[9]

Alex Hern. 2016. Search engine lets users find live video of sleeping babies. The Guardian (January 2016). Retrieved August 18, 2017 from https://goo.gl/BM2FTD

[10]

Troy Hunt. 2017. Data from connected CloudPets teddy bears leaked and ransomed, exposing kids' voice messages. Personal Blog, https://goo.gl/TXnlLh. (February 2017).

[11]

Brian Krebs. 2016. Hacked Cameras, DVRs Powered Today's Massive Internet Outage. (2016). Retrieved August 18, 2017 from https://goo.gl/eEZOMW

[12]

Yair Meidan, Michael Bohadana, Asaf Shabtai, Juan David Guarnizo, Martín Ochoa, Nils Ole Tippenhauer, and Yuval Elovici. 2017. ProfilIoT: a machine learning approach for IoT device identification based on network traffic analysis. In Proceedings of the Symposium on Applied Computing. ACM, 506--509.

Digital Library

[13]

Peter Middleton. 2017. Forecast Analysis: Internet of Things - Endpoints, Worldwide, 2016 Update. Gartner Database (ID: G00302435). (February 2017).

[14]

Arsalan Mohsen Nia and Niraj K. Jha. 2016. A comprehensive study of security of internet-of-things. IEEE Transactions on Emerging Topics in Computing (2016).

[15]

Mehdi Nobakht, Vijay Sivaraman, and Roksana Boreli. 2016. A Host-Based Intrusion Detection and Mitigation Framework for Smart Home IoT Using OpenFlow Availability, Reliability and Security (ARES), 2016 11th International Conference on. IEEE, 147--156.

[16]

OpenWRT. 2017. OpenWRT. (2017). https://openwrt.org.

[17]

OpenWRT. 2017. OpenWRT: Table of Hardware. (2017). Retrieved August 18, 2017 from https://wiki.openwrt.org/toh/start

[18]

Laura Rafferty, Farkhund Iqbal, and Patrick C. K. Hung. 2017. A Security Threat Analysis of Smart Home Network with Vulnerable Dynamic Agents. Computing in Smart Toys. Springer, 127--147.

[19]

Shahid Raza, Linus Wallgren, and Thiemo Voigt. 2013. SVELTE: Real-time intrusion detection in the Internet of Things. Ad hoc networks, Vol. 11, 8 (2013), 2661--2674.

Digital Library

[20]

Eyal Ronen, Colin O'Flynn, Adi Shamir, and Achi-Or Weingarten. 2016. IoT Goes Nuclear: Creating a ZigBee Chain Reaction. Cryptology ePrint Archive, Report 2016/1047. (2016). http://eprint.iacr.org/2016/1047.

[21]

Samsung. 2017. SmartThings. (2017). Retrieved August 18, 2017 from https://www.smartthings.com

[22]

Samsung. 2017. SmartThings Developer Documentation: Architecture. (2017). Retrieved August 18, 2017 from http://docs.smartthings.com/en/latest/architecture/index.html

[23]

Bruce Schneier. 2014. The Internet of Things Is wildly insecure - and often unpatchable. (2014). Retrieved August 18, 2017 from https://goo.gl/a7sxjn

[24]

Craig A. Shue, Andrew J. Kalafut, Mark Allman, and Curtis R. Taylor 2012. On building inexpensive network capabilities. ACM SIGCOMM Computer Communication Review Vol. 42, 2 (2012), 72--79.

Digital Library

[25]

TP-Link Technologies Co. 2017. TP-Link TL-WR1043ND V1 Router. (2017). https://goo.gl/OLwXYY.

[26]

TP-Link Technologies Co. 2017. TP-Link Wi-Fi Smart Plug HS100. (2017). Retrieved August 18, 2017 from https://goo.gl/3IMBR5

[27]

Veracode. 2017. The Internet of Things: Security Research Study. (2017). Retrieved August 18, 2017 from https://www.veracode.com/sites/default/files/Resources/Whitepapers/internet-of-things-whitepaper.pdf

[28]

Tianlong Yu, Vyas Sekar, Srinivasan Seshan, Yuvraj Agarwal, and Chenren Xu. 2015. Handling a Trillion (Unfixable) Flaws on a Billion Devices: Rethinking Network Security for the Internet-of-Things. In Proceedings of the 14th ACM Workshop on Hot Topics in Networks (HotNets-XIV). ACM, New York, NY, USA, Article 5, 7 pages. https://doi.org/10.1145/2834050.2834095

Digital Library

Cited By

He WBryson KCalderon RPrakash VFeamster NHuang DUr B(2024)Can Allowlists Capture the Variability of Home IoT Device Network Behavior?2024 IEEE 9th European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP60621.2024.00015(114-138)Online publication date: 8-Jul-2024
https://doi.org/10.1109/EuroSP60621.2024.00015
Lübben CPahl M(2023)Distributed Device-Specific Anomaly Detection using Deep Feed-Forward Neural NetworksNOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium10.1109/NOMS56928.2023.10154360(1-9)Online publication date: 8-May-2023
https://doi.org/10.1109/NOMS56928.2023.10154360
Liu LEssam DLynar T(2022)Complexity Measures for IoT Network TrafficIEEE Internet of Things Journal10.1109/JIOT.2022.31973239:24(25715-25735)Online publication date: 15-Dec-2022
https://doi.org/10.1109/JIOT.2022.3197323
Show More Cited By

Index Terms

Toward Usable Network Traffic Policies for IoT Devices in Consumer Networks
1. Networks
  1. Network types
    1. Home networks
2. Security and privacy

Recommendations

Collaboration between Security Devices toward improving Network Defense
ICIS '08: Proceedings of the Seventh IEEE/ACIS International Conference on Computer and Information Science (icis 2008)

Internet technologies have been applied to many areas such as tax payments, electronic auctions, electronic commerce, electronic voting; so it is very important to protect these applications and network devices from data tapped or counterfeited by ...
A Lightweight Vulnerability Mitigation Framework for IoT Devices
IoTS&P '17: Proceedings of the 2017 Workshop on Internet of Things Security and Privacy

Many of today's Internet of Things (IoT) devices are vulnerable due to the large amount of overhead incurred when their operating systems are patched against emerging vulnerabilities. In addition, legacy IoT devices are no longer supported by their ...
Convergence of Blockchain Enabled Internet of Things (IoT) Framework: A Survey
Ubiquitous Networking
Abstract
Recent research and experiments in the field of Internet of Things (IoT) security have found that these devices are vulnerable to various attacks, ranging from cyber-attacks to physical attacks on devices. Internet of Things (IoTs) have certain ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

IoTS&P '17: Proceedings of the 2017 Workshop on Internet of Things Security and Privacy

November 2017

90 pages

ISBN:9781450353960

DOI:10.1145/3139937

General Chairs:
Peng Liu
Penn State University, USA
,
Yuqing Zhang
University of Chinese Academy of Sciences, China
,
Program Chairs:
Theophilus Benson
Brown University, USA
,
Srikanth Sundaresan
Princeton University, USA

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 November 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS '17

Sponsor:

SIGSAC

CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security

November 3, 2017

Texas, Dallas, USA

Acceptance Rates

IoTS&P '17 Paper Acceptance Rate 12 of 30 submissions, 40%;

Overall Acceptance Rate 12 of 30 submissions, 40%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

10
Total Citations
View Citations
494
Total Downloads

Downloads (Last 12 months)14
Downloads (Last 6 weeks)1

Reflects downloads up to 01 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

He WBryson KCalderon RPrakash VFeamster NHuang DUr B(2024)Can Allowlists Capture the Variability of Home IoT Device Network Behavior?2024 IEEE 9th European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP60621.2024.00015(114-138)Online publication date: 8-Jul-2024
https://doi.org/10.1109/EuroSP60621.2024.00015
Lübben CPahl M(2023)Distributed Device-Specific Anomaly Detection using Deep Feed-Forward Neural NetworksNOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium10.1109/NOMS56928.2023.10154360(1-9)Online publication date: 8-May-2023
https://doi.org/10.1109/NOMS56928.2023.10154360
Liu LEssam DLynar T(2022)Complexity Measures for IoT Network TrafficIEEE Internet of Things Journal10.1109/JIOT.2022.31973239:24(25715-25735)Online publication date: 15-Dec-2022
https://doi.org/10.1109/JIOT.2022.3197323
Cobb CBhagavatula SGarrett KHoffman ARao VBauer L(2021)“I would have to evaluate their objections”: Privacy tensions between smart home device owners and incidental usersProceedings on Privacy Enhancing Technologies10.2478/popets-2021-00602021:4(54-75)Online publication date: 23-Jul-2021
https://doi.org/10.2478/popets-2021-0060
Lubben CPahl M(2021)Advances in ML-Based Anomaly Detection for the IoT2021 5th Cyber Security in Networking Conference (CSNet)10.1109/CSNet52717.2021.9614280(18-22)Online publication date: 12-Oct-2021
https://doi.org/10.1109/CSNet52717.2021.9614280
Cobb CSurbatovich MKawakami ASharif MBauer LDas AJia LLipford H(2020)How risky are real users' IFTTT applets?Proceedings of the Sixteenth USENIX Conference on Usable Privacy and Security10.5555/3488905.3488931(505-529)Online publication date: 10-Aug-2020
https://dl.acm.org/doi/10.5555/3488905.3488931
Boussard MPapillon SPeloso PSignorini MWaisbard E(2019)STewARD:SDN and blockchain-based Trust evaluation for Automated Risk management on IoT DevicesIEEE INFOCOM 2019 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)10.1109/INFCOMW.2019.8845126(841-846)Online publication date: Apr-2019
https://doi.org/10.1109/INFCOMW.2019.8845126
Augusto-Gonzalez JCollen AEvangelatos SAnagnostopoulos MSpathoulas GGiannoutakis KVotis KTzovaras DGenge BGelenbe ENijdam N(2019)From Internet of Threats to Internet of Things: A Cyber Security Architecture for Smart Homes2019 IEEE 24th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD)10.1109/CAMAD.2019.8858493(1-6)Online publication date: Sep-2019
https://doi.org/10.1109/CAMAD.2019.8858493
Xu RZeng QZhu LChi HDu XGuizani M(2019)Privacy Leakage in Smart Homes and Its Mitigation: IFTTT as a Case StudyIEEE Access10.1109/ACCESS.2019.29112027(63457-63471)Online publication date: 2019
https://doi.org/10.1109/ACCESS.2019.2911202
Rafferty LIqbal FAleem SLu ZHuang SHung P(2018)Intelligent Multi-Agent Collaboration Model for Smart Home IoT Security2018 IEEE International Congress on Internet of Things (ICIOT)10.1109/ICIOT.2018.00016(65-71)Online publication date: Jul-2018
https://doi.org/10.1109/ICIOT.2018.00016

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents