NeTS: Small: Network-centric IoT Security

NeTS：小型：以网络为中心的物联网安全

• 批准号: 1816340
• 负责人: Theophilus Benson
• 金额: $ 50万
• 依托单位: Brown University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-10-01 至 2023-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1816340&HistoricalAwards=false
• 关键词: NeTS; Small; Network; centric; IoT

The Internet is going through a new phase in which billions of new of devices which sense and interact with the physical world are getting connected in homes, industry, cities, farms, etc. These devices, collectively known as Internet of Things (IoT), bring unprecedented possibilities for improvements in automation, healthcare, transportation, water quality monitoring, agriculture, and disaster response, to name a few. However, this same technology poses serious risks to users' privacy and security. As examples, recent attacks on IoT infrastructure have created threats such as the 'baby camera search engine', and also some of the largest distributed denial of service (DDoS) attacks in history, which brought down the Internet for millions of users for many hours in 2016. In many cases, there are no external signs that IoT devices are being attacked or are operating in a malicious way. This, coupled with complex configurations, insecure default settings, and the difficulty of upgrading devices, makes depending on users or manufacturers to guarantee the security of IoT insufficient. This project aims to revisit the role of the network in protecting infrastructure, home networks and the Internet against these attacks on, and by, IoT devices. In particular, the project will investigate algorithms and designs to effectively detect and defend against these attacks. If successful, the proposed research can have significant impact in society at large by mitigating many of these risks, and enabling greater, safe, adoption of IoT technologies. The proposed research may also change the way home networks are managed, by using smart home routers that understand and mitigate threats, as well as to create new business models for cloud-based outsourcing of these capabilities.This proposal focuses on important security challenges brought on by IoT. The proposed research will advance our understanding of the traffic characteristics of different classes of IoT devices, and the threats they pose to their users and to the larger Internet infrastructure. The unique features of the IoT environment-- no expert administration, many unpatchable devices, and restricted traffic patterns--justify in-depth exploration of this space. If successful, this research will develop novel ways to detect and mitigate attacks involving home IoT infrastructures, including models, algorithms, and an architecture in which to deploy and test them. In particular, we propose to (i) characterize and identify traffic patterns of normal and compromised home IoT devices, (ii) devise new methods of detecting and mitigating attacks that both target and use IoT devices, leveraging the unique characteristics of IoT devices and their deployments, and (iii) create and deploy a prototype architecture based on home routers, both individually and in concert, to test these ideas. The architecture will run the distributed and centralized components of the models, detect attacks, and isolate compromised devices. The project will use the comprehensive characterization of (a variety of) IoT device behavior to derive effective and dynamic policies, and to design user-friendly mechanisms that directly manage a heterogeneous data plane and resolve policy conflicts in order to prevent these attacks from happening and from spreading. These efforts will be able to inform both manufacturers and users of best practices on how to configure, update, and use IoT devices, enabling a path in which we attain the potential benefits of IoT for society at large, without the current risks that threat to hinder its adoption.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

互联网正在经历一个新阶段，在这个阶段，数十亿感知物理世界并与物理世界交互的新设备正在家庭、工业、城市、农场等领域连接起来。这些设备统称为物联网(IoT)，为自动化、医疗保健、交通运输、水质监测、农业和灾难应对等领域的改进带来了前所未有的可能性。然而，同样的技术对用户的隐私和安全构成了严重的风险。举个例子，最近对物联网基础设施的攻击制造了一些威胁，如“婴儿摄像头搜索引擎”，以及一些历史上最大的分布式拒绝服务(DDoS)攻击，这些攻击在2016年导致数百万用户的互联网瘫痪长达数小时。在许多情况下，没有外部迹象表明物联网设备正在受到攻击或以恶意方式运行。这再加上复杂的配置、不安全的默认设置、设备升级的难度，使得依赖用户或厂商来保障物联网的安全是不够的。该项目旨在重新审视网络在保护基础设施、家庭网络和互联网免受物联网设备攻击方面的作用。特别是，该项目将研究算法和设计，以有效地检测和防御这些攻击。如果成功，拟议的研究可以通过降低其中许多风险，并更安全地采用物联网技术，在整个社会产生重大影响。这项拟议的研究还可能通过使用能够识别和缓解威胁的智能家庭路由器来改变家庭网络的管理方式，并为基于云的外包这些功能创建新的商业模式。该建议侧重于物联网带来的重要安全挑战。拟议的研究将促进我们对不同类别物联网设备的流量特征以及它们对用户和更大的互联网基础设施构成的威胁的理解。物联网环境的独特功能--没有专家管理、许多无法修补的设备和受限的流量模式--证明有理由深入探索这一领域。如果成功，这项研究将开发新的方法来检测和缓解涉及家庭物联网基础设施的攻击，包括模型、算法以及部署和测试它们的架构。特别是，我们建议(I)表征和识别正常和受威胁的家庭物联网设备的流量模式，(Ii)利用物联网设备及其部署的独特特征，设计新的方法来检测和缓解针对和使用物联网设备的攻击，以及(Iii)创建和部署基于家庭路由器的原型架构，以单独和协同测试这些想法。该架构将运行模型的分布式和集中式组件，检测攻击并隔离受攻击的设备。该项目将使用(各种)物联网设备行为的全面表征来得出有效和动态的策略，并设计用户友好的机制，直接管理异类数据平面并解决策略冲突，以防止这些攻击发生和蔓延。这些努力将能够让制造商和用户了解如何配置、更新和使用物联网设备的最佳实践，从而使我们能够实现物联网对整个社会的潜在好处，而不存在阻碍其采用的当前风险。该奖项反映了NSF的法定使命，并通过使用基金会的智力优势和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Verifying and Monitoring IoTs Network Behavior Using MUD Profiles

• DOI: 10.1109/tdsc.2020.2997898
• 发表时间: 2019-02
• 期刊: IEEE Transactions on Dependable and Secure Computing
• 影响因子: 7.3
• 作者: Ayyoob Hamza;Dinesha Ranathunga;H. Gharakheili;Theophilus A. Benson;M. Roughan;V. Sivaraman