TY - GEN
T1 - Demo
T2 - 2020 IEEE/IFIP Network Operations and Management Symposium, NOMS 2020
AU - Afek, Yehuda
AU - Bremler-Barr, Anat
AU - Hay, David
AU - Shafir, Lior
AU - Zhaika, Ihab
N1 - Publisher Copyright:
© 2020 IEEE.
PY - 2020/4
Y1 - 2020/4
N2 - This demo focuses on demonstrating features of a new system to protect IoT devices in customer premises at the ISP level. The core of the system is deployed as a Virtual Network Function (VNF) within the ISP network, and is based on the Manufacturer Usage Description (MUD) framework, a white-list IoT protection scheme that has been proposed in recent years.As MUD is designed for on-premise deployment, the system makes the necessary adaptations to enable its deployment outside the customer premise. Moreover, the system includes a mechanism to distinguish between flows of different devices at the ISP level despite the fact that most home networks (and their IoT devices) are behind a NAT and all the flows from the same home come out with the same source IP address.Our demo follows closely a proof-of-concept that we have done with a large national level ISP, showing how our system can identify the various IoT devices that are connected to the network and detecting any unauthorized communications.
AB - This demo focuses on demonstrating features of a new system to protect IoT devices in customer premises at the ISP level. The core of the system is deployed as a Virtual Network Function (VNF) within the ISP network, and is based on the Manufacturer Usage Description (MUD) framework, a white-list IoT protection scheme that has been proposed in recent years.As MUD is designed for on-premise deployment, the system makes the necessary adaptations to enable its deployment outside the customer premise. Moreover, the system includes a mechanism to distinguish between flows of different devices at the ISP level despite the fact that most home networks (and their IoT devices) are behind a NAT and all the flows from the same home come out with the same source IP address.Our demo follows closely a proof-of-concept that we have done with a large national level ISP, showing how our system can identify the various IoT devices that are connected to the network and detecting any unauthorized communications.
UR - http://www.scopus.com/inward/record.url?scp=85086770394&partnerID=8YFLogxK
U2 - 10.1109/NOMS47738.2020.9110409
DO - 10.1109/NOMS47738.2020.9110409
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:85086770394
T3 - Proceedings of IEEE/IFIP Network Operations and Management Symposium 2020: Management in the Age of Softwarization and Artificial Intelligence, NOMS 2020
BT - Proceedings of IEEE/IFIP Network Operations and Management Symposium 2020
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 20 April 2020 through 24 April 2020
ER -