Clear as MUD: Generating, Validating and Applying IoT Behaviorial Profiles (Technical Report)

04/12/2018
by   Ayyoob Hamza, et al.
0

IoT devices are increasingly being implicated in cyber-attacks, driving community concern about the risks they pose to critical infrastructure, corporations, and citizens. In order to reduce this risk, the IETF is pushing IoT vendors to develop formal specifications of the intended purpose of their IoT devices, in the form of a Manufacturer Usage Description (MUD), so that their network behavior in any operating environment can be locked down and verified rigorously. This paper aims to assist IoT manufacturers in developing and verifying MUD profiles, while also helping adopters of these devices to ensure they are compatible with their organizational policies. Our first contribution is to develop a tool that takes the traffic trace of an arbitrary IoT device as input and automatically generates a MUD profile for it. We contribute our tool as open source, apply it to 28 consumer IoT devices, and highlight insights and challenges encountered in the process. Our second contribution is to apply a formal semantic framework that not only validates a given MUD profile for consistency, but also checks its compatibility with a given organizational policy. Finally, we apply our framework to representative organizations and selected devices, to demonstrate how MUD can reduce the effort needed for IoT acceptance testing.

READ FULL TEXT
research
02/07/2019

Verifying and Monitoring IoTs Network Behavior using MUD Profiles

IoT devices are increasingly being implicated in cyber-attacks, raising ...
research
01/28/2020

IoT Behavioral Monitoring via Network Traffic Analysis

Smart homes, enterprises, and cities are increasingly being equipped wit...
research
08/21/2020

IoT Network Security: Requirements, Threats, and Countermeasures

IoT devices are increasingly utilized in critical infrastructure, enterp...
research
01/17/2023

Quantifying and Managing Impacts of Concept Drifts on IoT Traffic Inference in Residential ISP Networks

Millions of vulnerable consumer IoT devices in home networks are the ena...
research
05/31/2019

Privacy-Preserving Detection of IoT Devices Connected Behind a NAT in a Smart Home Setup

Today, telecommunication service providers (telcos) are exposed to cyber...
research
10/11/2022

A Formal Assisted Approach for Modeling and Testing Security Attacks in IoT Edge Devices

With the rapid growth in the number of IoT devices being added to the ne...
research
06/20/2023

UVSCAN: Detecting Third-Party Component Usage Violations in IoT Firmware

Nowadays, IoT devices integrate a wealth of third-party components (TPCs...

Please sign up or login with your details

Forgot password? Click here to reset