TY - GEN
T1 - MUDirect
T2 - 2021 IEEE Congress on Cybermatics: 14th IEEE International Conferences on Internet of Things, iThings 2021, 17th IEEE International Conference on Green Computing and Communications, GreenCom 2021, 2021 IEEE International Conference on Cyber Physical and Social Computing, CPSCom 2021 and 7th IEEE International Conference on Smart Data, SmartData 2021
AU - Afek, Yehuda
AU - Bremler-Barr, Anat
AU - Hay, David
AU - Shalev, Avraham
N1 - Publisher Copyright:
© 2021 IEEE.
PY - 2021
Y1 - 2021
N2 - Manufacturer Usage Description (MUD) is a new, whitelist-based cybersecurity standard that was recently proposed by the IETF to cope with the huge attack surface and a constantly increasing number of IoT devices connected to the Internet. MUD allows the IoT manufacturers themselves to publish the legitimate communication patterns of their devices, making it easier for security devices to enforce this policy, filter out non-complying traffic, and block a device in case it has been compromised. Typically, MUD includes a set of legitimate endpoints, specified either by domain names or by IP addresses, along with the legitimate port numbers and protocols. While these descriptions are adequate when IoT devices connect (as clients) to servers (e.g., services in the cloud), they cannot adequately describe the cases where IoT devices act as servers to which endpoints connect. These endpoints (e.g., users' mobile devices) typically do not have fixed IP addresses, nor do they associate with a domain name. In this case, accounting for 78% of the IoT devices we have surveyed, MUD degrades nowadays to allow all possible endpoints and cannot mitigate any attack. In this work, we evaluate this phenomenon and show that it has a high prevalence today, thus dramatically harming the security efficiency of the MUD framework. We then present a solution, MUDirect, which enhances the MUD framework to deal with these cases while preserving the current MUD specification. Finally, we have implemented our solution (extending the existing osMUD implementation) and showed that it enables protection of P2P IoT devices while requiring minimal changes to the osMUD code.
AB - Manufacturer Usage Description (MUD) is a new, whitelist-based cybersecurity standard that was recently proposed by the IETF to cope with the huge attack surface and a constantly increasing number of IoT devices connected to the Internet. MUD allows the IoT manufacturers themselves to publish the legitimate communication patterns of their devices, making it easier for security devices to enforce this policy, filter out non-complying traffic, and block a device in case it has been compromised. Typically, MUD includes a set of legitimate endpoints, specified either by domain names or by IP addresses, along with the legitimate port numbers and protocols. While these descriptions are adequate when IoT devices connect (as clients) to servers (e.g., services in the cloud), they cannot adequately describe the cases where IoT devices act as servers to which endpoints connect. These endpoints (e.g., users' mobile devices) typically do not have fixed IP addresses, nor do they associate with a domain name. In this case, accounting for 78% of the IoT devices we have surveyed, MUD degrades nowadays to allow all possible endpoints and cannot mitigate any attack. In this work, we evaluate this phenomenon and show that it has a high prevalence today, thus dramatically harming the security efficiency of the MUD framework. We then present a solution, MUDirect, which enhances the MUD framework to deal with these cases while preserving the current MUD specification. Finally, we have implemented our solution (extending the existing osMUD implementation) and showed that it enables protection of P2P IoT devices while requiring minimal changes to the osMUD code.
KW - Internet of Things (IoT)
KW - Manufacturer Usage Description (MUD)
KW - Peer-To-Peer (P2P)
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85127374833&partnerID=8YFLogxK
U2 - 10.1109/iThings-GreenCom-CPSCom-SmartData-Cybermatics53846.2021.00032
DO - 10.1109/iThings-GreenCom-CPSCom-SmartData-Cybermatics53846.2021.00032
M3 - Conference contribution
AN - SCOPUS:85127374833
T3 - Proceedings - IEEE Congress on Cybermatics: 2021 IEEE International Conferences on Internet of Things, iThings 2021, IEEE Green Computing and Communications, GreenCom 2021, IEEE Cyber, Physical and Social Computing, CPSCom 2021 and IEEE Smart Data, SmartData 2021
SP - 121
EP - 129
BT - Proceedings - IEEE Congress on Cybermatics
A2 - Zheng, James
A2 - Liu, Xiao
A2 - Luan, Tom Hao
A2 - Jayaraman, Prem Prakash
A2 - Dai, Haipeng
A2 - Mitra, Karan
A2 - Qin, Kai
A2 - Ranjan, Rajiv
A2 - Wen, Sheng
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 6 December 2021 through 8 December 2021
ER -