Low-cost flow-based security solutions for smart-home IoT devices

2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS) Pub Date : 2016-11-01 DOI:10.1109/ANTS.2016.7947781

Arunan Sivanathan, Daniel Sherratt, H. Gharakheili, V. Sivaraman, A. Vishwanath

{"title":"Low-cost flow-based security solutions for smart-home IoT devices","authors":"Arunan Sivanathan, Daniel Sherratt, H. Gharakheili, V. Sivaraman, A. Vishwanath","doi":"10.1109/ANTS.2016.7947781","DOIUrl":null,"url":null,"abstract":"The rapid growth of Internet-of-Things (IoT) devices, such as smart-bulbs, smoke-alarms, webcams, and health-monitoring devices, is accompanied by escalating threats of attacks that can seriously compromise household and personal safety. Recent works have advocated the use of network-level solutions to detect and prevent attacks on smart-home IoT devices. In this paper we undertake a deeper exploration of network-level security solutions for IoT, by comparing flow-based monitoring with packet-based monitoring approaches. We conduct experiments with real attacks on real IoT devices to validate our flow-based security solution, and use the collected traces as input to simulations to compare its processing performance against a packet-based solution. Our results show that flow-based monitoring can achieve most of the security benefits of packet-based monitoring, but at dramatically reduced processing costs. Our study informs the design of future smart-home network-level security solutions.","PeriodicalId":248902,"journal":{"name":"2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)","volume":"229 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"72","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ANTS.2016.7947781","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 72

Abstract

The rapid growth of Internet-of-Things (IoT) devices, such as smart-bulbs, smoke-alarms, webcams, and health-monitoring devices, is accompanied by escalating threats of attacks that can seriously compromise household and personal safety. Recent works have advocated the use of network-level solutions to detect and prevent attacks on smart-home IoT devices. In this paper we undertake a deeper exploration of network-level security solutions for IoT, by comparing flow-based monitoring with packet-based monitoring approaches. We conduct experiments with real attacks on real IoT devices to validate our flow-based security solution, and use the collected traces as input to simulations to compare its processing performance against a packet-based solution. Our results show that flow-based monitoring can achieve most of the security benefits of packet-based monitoring, but at dramatically reduced processing costs. Our study informs the design of future smart-home network-level security solutions.

查看原文本刊更多论文

智能家居物联网设备的低成本流安全解决方案

物联网(IoT)设备(如智能灯泡、烟雾报警器、网络摄像头和健康监测设备)的快速增长伴随着不断升级的攻击威胁，这些攻击可能严重危及家庭和个人安全。最近的工作提倡使用网络级解决方案来检测和防止对智能家居物联网设备的攻击。在本文中，我们通过比较基于流量的监控与基于数据包的监控方法，对物联网的网络级安全解决方案进行了更深入的探索。我们在真实的物联网设备上进行了真实攻击的实验，以验证我们基于流的安全解决方案，并使用收集的痕迹作为模拟的输入，将其处理性能与基于数据包的解决方案进行比较。我们的研究结果表明，基于流的监控可以实现基于包的监控的大部分安全优势，但处理成本大大降低。我们的研究为未来智能家居网络级安全解决方案的设计提供了参考。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)

自引率

0.00%

发文量