Verifying and Monitoring IoTs Network Behavior Using MUD Profiles

Hamza, Ayyoob; Ranathunga, Dinesha; Gharakheili, Hassan Habibi; Benson, Theophilus; Roughan, Matthew; Sivaraman, Vijay

doi:10.1109/tdsc.2020.2997898

Cited by 37 publications

(35 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…IoT devices with highly primitive security features are susceptible to attacks as they become entry points to infiltrate into critical infrastructures via the connected networks [38,41]. There is an escalation of new IoT threats and security risks, due to the inherent vulnerabilities in each of the four basic layers of the IoT architecture: In this section, we identify the potential risks and the key security requirements in each IoT layer from reported studies to form the key security requirements for our research problem [29,42,66,67]. We summaries our findings of IoT vulnerabilities and security risks in each layer of IoT architecture below.…”

Section: Security Requirements Of Iot Architecturementioning

confidence: 99%

“…Recent related works have studied the IoT security problem with the main focus of addressing the information leak of different IoT devices in smart environments, such as healthcare medical devices, home/office consumer devices, and educational toy devices [21,39,40]. Other categories of security studies have focused on anomaly detection by monitoring and fingerprinting IoT networks using machine learning techniques, and these solutions are resource-intensive and impractical for large-scale smart environments [41][42][43]. Further, research studies on secure smart environments are very much focused on specific application domains.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Towards a Secure and Scalable IoT Infrastructure: A Pilot Deployment for a Smart Water Monitoring System

Overmars¹,

Venkatraman²

2020

Technologies

View full text Add to dashboard Cite

Recent growth in the Internet of Things (IoT) looks promising for realizing a smart environment of the future. However, concerns about the security of IoT devices are escalating as they are inherently constrained by limited resources, heterogeneity, and lack of standard security controls or protocols. Due to their inability to support state-of-the-art secure network protocols and defense mechanisms, standard security solutions are unsuitable for dynamic IoT environments that require large and smart IoT infrastructure deployments. At present, the IoT based smart environment deployments predominantly use cloud-centric approaches to enable continuous and on-demand data exchange that leads to further security and privacy risks. While standard security protocols, such as Virtual Private Networks (VPNs), have been explored for certain IoT environments recently, the implementation models reported have several variations and are not practically scalable for any dynamically scalable IoT deployment. This paper addresses current drawbacks in providing the required flexibility, interoperability, scalability, and low-cost practical viability of a secure IoT infrastructure. We propose an adaptive end-to-end security model that supports the defense requirements for a scalable IoT infrastructure. With low-cost embedded controllers, such as the Raspberry Pi, allowing for the convergence of more sophisticated networking protocols to be embedded at the IoT monitoring interface, we propose a scalable IoT security model integrating both the IoT devices and the controller as one embedded device. Our approach is unique, with a focus on the integration of a security protocol at the embedded interface. In addition, we demonstrate a prototype implementation of our IoT security model for a smart water monitoring system. We believe that our modest first step would instill future research interests in this direction.

show abstract

Section: Security Requirements Of Iot Architecturementioning

confidence: 99%

mentioning

confidence: 99%

Towards a Secure and Scalable IoT Infrastructure: A Pilot Deployment for a Smart Water Monitoring System

Overmars¹,

Venkatraman²

2020

Technologies

View full text Add to dashboard Cite

show abstract

“…Additionally, the authors develop a formal semantic framework to validate MUD files, as well as the compatibility with policies that can be defined in the scope of a certain organization. Based on this work, the same authors present an approach to monitor such profiles in [18]. The main objective of these proposals is to support the generation of MUD profiles to encourage the deployment of the standard.…”

Section: Related Workmentioning

confidence: 99%

“…The process required to obtain the generated MUD file is not considered. [18] Usage of the MUD to monitor suspicious behaviors. The obtaining and enforcement phases of the MUD files are not addressed.…”

Section: Reference General Descriptionmentioning

confidence: 99%

Enforcing Behavioral Profiles through Software-Defined Networks in the Industrial Internet of Things

et al. 2019

View full text Add to dashboard Cite

The fourth industrial revolution is being mainly driven by the integration of Internet of Things (IoT) technologies to support the development lifecycle of systems and products. Despite the well-known advantages for the industry, an increasingly pervasive industrial ecosystem could make such devices an attractive target for potential attackers. Recently, the Manufacturer Usage Description (MUD) standard enables manufacturers to specify the intended use of their devices, thereby restricting the attack surface of a certain system. In this direction, we propose a mechanism to manage securely the obtaining and enforcement of MUD policies through the use of a Software-Defined Network (SDN) architecture. We analyze the applicability and advantages of the use of MUD in industrial environments based on our proposed solution, and provide an exhaustive performance evaluation of the required processes.

show abstract

“…When the MUD file and observed behavior are inspected and compared, the user could be presented with a diagram highlighting where the observed behavior does not comply with the MUD file. The 844 UNSW researchers have developed a tool for comparing a provided MUD file with observed 845 activity [13]. One also could imagine the MUD Visualizer tool being extended to include this capability.…”

mentioning

confidence: 99%

Methodology for Characterizing Network Behavior of Internet of Things Devices

Watrobski¹,

Klosterman²,

Barker³

et al. 2020

Preprint

View full text Add to dashboard Cite

This white paper describes an approach to determining and documenting the device types and communication behaviors of Internet of Things (IoT) devices connected to a network. From this identification and documentation, files based on the Manufacturer Usage Description (MUD) specification can be created and used by manufacturers and network administrators to manage access to and from those devices. The paper also describes the current state of implementation of the approach and proposals for future development.

show abstract

Verifying and Monitoring IoTs Network Behavior Using MUD Profiles

Cited by 37 publications

References 17 publications

Towards a Secure and Scalable IoT Infrastructure: A Pilot Deployment for a Smart Water Monitoring System

Towards a Secure and Scalable IoT Infrastructure: A Pilot Deployment for a Smart Water Monitoring System

Enforcing Behavioral Profiles through Software-Defined Networks in the Industrial Internet of Things

Methodology for Characterizing Network Behavior of Internet of Things Devices

Contact Info

Product

Resources

About