Are hackers using my smart lamp?

What is it about?

Cyber attackers infect IoT devices in home-like environments - think of IP cameras, motion sensors, smart plugs - to enroll them in malicious botnets, or steal personal data. Currently, it is very hard to detect these attacks before they have already been successful, and thus the spreading dynamics of malicious IoT threats remain largely unseen. We present MUDscope, a tool implementing a novel and highly reliable methodology to capture malicious activities affecting IoT devices in home-like environments. We use recently-proposed manufacturer-provided network specifications for IoT devices to collect anomalous network traffic for IoT devices. By describing and comparing anomalous traffic from multiple devices, we gain unprecedented visibility on network threats facing IoT in home-like deployments.

Featured Image

Photo by 鏡飛 匙 on Unsplash

Photo by 鏡飛 匙 on Unsplash

Why is it important?

As more and more IoT devices are deployed in the real world, attackers gain more chances to infiltrate our technology and disrupt our lives. Defining a specification of benign behaviour is seen as a highly effective protection method against new and unknown threats, though it is not yet fully embraced by companies. The methodology we propose showcases yet another advantage that specification-based security can bring about in our cyber world.