research-article

Verifying and Monitoring IoTs Network Behavior Using MUD Profiles

Authors:

Ayyoob Hamza,

Dinesha Ranathunga,

Hassan Habibi Gharakheili,

Theophilus A. Benson,

Matthew Roughan,

Vijay SivaramanAuthors Info & Claims

IEEE Transactions on Dependable and Secure Computing, Volume 19, Issue 1

Pages 1 - 18

https://doi.org/10.1109/TDSC.2020.2997898

Published: 01 January 2022 Publication History

Abstract

IoT devices are increasingly being implicated in cyber-attacks, raising community concern about the risks they pose to critical infrastructure, corporations, and citizens. In order to reduce this risk, the IETF is pushing IoT vendors to develop formal specifications of the intended purpose of their IoT devices, in the form of a Manufacturer Usage Description (MUD), so that their network behavior in any operating environment can be locked down and verified rigorously. This article aims to assist IoT manufacturers in developing and verifying MUD profiles, while also helping adopters of these devices to ensure they are compatible with their organizational policies and track device network behavior using their MUD profile. Our first contribution is to develop a tool that takes the traffic trace of an arbitrary IoT device as input and automatically generates the MUD profile for it. We contribute our tool as open source, apply it to 28 consumer IoT devices, and highlight insights and challenges encountered in the process. Our second contribution is to apply a formal semantic framework that not only validates a given MUD profile for consistency, but also checks its compatibility with a given organizational policy. We apply our framework to representative organizations and selected devices, to demonstrate how MUD can reduce the effort needed for IoT acceptance testing. Finally, we show how operators can dynamically identify IoT devices using known MUD profiles and monitor their behavioral changes in their network.

Cited By

View all

Li RLi QHuang YZou QZhao DZhang ZJiang YZhu FVasilakos A(2024)SeIoT: Detecting Anomalous Semantics in Smart Homes via Knowledge GraphIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.342885619(7005-7018)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1109/TIFS.2024.3428856
Pashamokhtari ABatista GGharakheili H(2023)Efficient IoT Traffic Inference: From Multi-view Classification to Progressive MonitoringACM Transactions on Internet of Things10.1145/36253065:1(1-30)Online publication date: 16-Dec-2023
https://dl.acm.org/doi/10.1145/3625306
He HChen DZhuang ZQi QZhang LXu TWang J(2023)Fine-Grained Flow Control Agent on Path MTU for IoT SoftwareProceedings of the 14th Asia-Pacific Symposium on Internetware10.1145/3609437.3609444(144-153)Online publication date: 4-Aug-2023
https://dl.acm.org/doi/10.1145/3609437.3609444
Show More Cited By

Index Terms

Verifying and Monitoring IoTs Network Behavior Using MUD Profiles
1. General and reference
2. Social and professional topics

Index terms have been assigned to the content through auto-classification.

Recommendations

Clear as MUD: Generating, Validating and Applying IoT Behavioral Profiles
IoT S&P '18: Proceedings of the 2018 Workshop on IoT Security and Privacy

IoT devices are increasingly being implicated in cyber-attacks, raising community concern about the risks they pose to critical infrastructure, corporations, and citizens. In order to reduce this risk, the IETF is pushing IoT vendors to develop formal ...
IoT MUD enforcement in the edge cloud using programmable switch
FFSPIN '22: Proceedings of the ACM SIGCOMM Workshop on Formal Foundations and Security of Programmable Network Infrastructures

Targeted data breaches and cybersecurity attacks involving IoT devices are becoming ever more concerning. To combat these threats and risks, the IETF standardized Manufacturer Usage Description (MUD), which allows IoT device vendors to specify the ...
Stepping out of the MUD: Contextual threat information for IoT devices with manufacturer-provided behavior profiles
ACSAC '22: Proceedings of the 38th Annual Computer Security Applications Conference

Besides coming with unprecedented benefits, the Internet of Things (IoT) suffers deficits in security measures, leading to attacks increasing every year. In particular, network environments such as smart homes lack managed security capabilities to ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image IEEE Transactions on Dependable and Secure Computing

IEEE Transactions on Dependable and Secure Computing Volume 19, Issue 1

Jan.-Feb. 2022

716 pages

ISSN:1545-5971

Issue’s Table of Contents

Publisher

IEEE Computer Society Press

Washington, DC, United States

Publication History

Published: 01 January 2022

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 20 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Li RLi QHuang YZou QZhao DZhang ZJiang YZhu FVasilakos A(2024)SeIoT: Detecting Anomalous Semantics in Smart Homes via Knowledge GraphIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.342885619(7005-7018)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1109/TIFS.2024.3428856
Pashamokhtari ABatista GGharakheili H(2023)Efficient IoT Traffic Inference: From Multi-view Classification to Progressive MonitoringACM Transactions on Internet of Things10.1145/36253065:1(1-30)Online publication date: 16-Dec-2023
https://dl.acm.org/doi/10.1145/3625306
He HChen DZhuang ZQi QZhang LXu TWang J(2023)Fine-Grained Flow Control Agent on Path MTU for IoT SoftwareProceedings of the 14th Asia-Pacific Symposium on Internetware10.1145/3609437.3609444(144-153)Online publication date: 4-Aug-2023
https://dl.acm.org/doi/10.1145/3609437.3609444
Kowalczyk MGunawan JChoffnes DDubois DHartzog WWilson C(2023)Understanding Dark Patterns in Home IoT DevicesProceedings of the 2023 CHI Conference on Human Factors in Computing Systems10.1145/3544548.3581432(1-27)Online publication date: 19-Apr-2023
https://dl.acm.org/doi/10.1145/3544548.3581432
Kuang BFu AGao YZhang YZhou JDeng R(2023)FeSA: Automatic Federated Swarm Attestation on Dynamic Large-Scale IoT DevicesIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2022.319310620:4(2954-2969)Online publication date: 1-Jul-2023
https://dl.acm.org/doi/10.1109/TDSC.2022.3193106

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

Cited By

Index Terms

Recommendations

Clear as MUD: Generating, Validating and Applying IoT Behavioral Profiles

IoT MUD enforcement in the edge cloud using programmable switch

Stepping out of the MUD: Contextual threat information for IoT devices with manufacturer-provided behavior profiles

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations