Abstract
With an increasing number of Internet of Things (IoT) devices present in homes, there is a rise in the number of potential information leakage channels and their associated security threats and privacy risks. Despite a long history of attacks on IoT devices in unprotected home networks, the problem of accurate, rapid detection and prevention of such attacks remains open. Many existing IoT protection solutions are cloud-based, sometimes ineffective, and might share consumer data with unknown third parties. This paper investigates the potential for effective IoT threat detection locally, on a home router, using AI tools combined with classic rule-based traffic-filtering algorithms. Our results show that, with a slight rise in router hardware resource usage caused by the machine learning and traffic filtering logic, a typical home router instrumented with our solution is able to effectively detect risks and protect a typical home IoT network, equaling or outperforming existing popular solutions, without any effects on benign IoT functionality, and without relying on cloud services and third parties.
Notes
- 1. We obtained this number empirically after extensive testing showing a good trade-off between ML accuracy and reaction time.
Acknowledgements
We thank the anonymous reviewers and our shepherd Roland van Rijswijk-Deij for their constructive and insightful feedback. This work was supported by the EPSRC Open Plus Fellowship (EP/W005271/1), the EPSRC PETRAS grant (EP/S035362/1), and the NSF ProperData award (SaTC-1955227).
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Safronov, V., Mandalari, A.M., Dubois, D.J., Choffnes, D., Haddadi, H. (2024). SunBlock: Cloudless Protection for IoT Systems. In: Richter, P., Bajpai, V., Carisimo, E. (eds) Passive and Active Measurement. PAM 2024. Lecture Notes in Computer Science, vol 14538. Springer, Cham. https://doi.org/10.1007/978-3-031-56252-5_15
DOI: https://doi.org/10.1007/978-3-031-56252-5_15
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-56251-8
Online ISBN: 978-3-031-56252-5
eBook Packages: Computer Science (R0)