IoTsec: Automatic Profile-based Firewall for IoT Devices
Authors
Sørensen, Daniel Amkær ; Vanggaard, Nichlas
Term
4. term
Education
Publication year
2017
Submitted on
2017-06-08
Pages
112
Abstract
I efteråret 2016 blev store onlinetjenester sat ud af drift af IoT-botnets som Mirai. Dette projekt undersøger, hvordan IoT-enheder bag en IGD (internet-gateway-enhed, fx en router) kan beskyttes mod sådanne botnets ved at filtrere netværkstrafik med IGD'ens firewall. Løsningen opbygger en profil for hver enhed i en læringsfase, der automatisk starter, når en ny enhed tilsluttes. Hver profil beskriver den normale trafik til og fra enheden. Når læringsfasen er slut, genererer systemet tilpassede firewall-regler for enheden og indlæser dem i IGD'ens firewall. I den afsluttende evaluering viser resultaterne, at disse regler forhindrer botnets i at sprede sig og i at bruge enhederne i angreb.
In late 2016, large online services were taken offline by IoT botnets such as Mirai. This project examines how to protect IoT devices behind an IGD (internet gateway device, e.g., a router) from such botnets by filtering network traffic using the IGD's firewall. The solution builds a per-device profile during a learning phase that starts automatically when a new device connects. Each profile describes the normal traffic to and from that device. When learning ends, the system generates tailored firewall rules for the device and installs them on the IGD's firewall. In the final evaluation, the results show that these rules prevent botnets from spreading and from using devices to participate in attacks.
[This abstract was generated with the help of AI]
Keywords
Documents