Cargando…
Autopolicy: Automated Traffic Policing for Improved IoT Network Security
A 2.3Tbps DDoS attack was recently mitigated by Amazon, which is a new record after the 2018 GitHub attack, or the famous 2016 Dyn DNS attack launched from hundreds of thousands of hijacked Internet of Things (IoT) devices. These attacks may disrupt the lives of billions of people worldwide, as we i...
| Autores principales: | , , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2020
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7435376/ https://www.ncbi.nlm.nih.gov/pubmed/32751739 http://dx.doi.org/10.3390/s20154265 |
| _version_ | 1783572324997398528 |
|---|---|
| author | Foremski, Pawel Nowak, Sławomir Fröhlich, Piotr Hernández-Ramos, José Luis Baldini, Gianmarco |
| author_facet | Foremski, Pawel Nowak, Sławomir Fröhlich, Piotr Hernández-Ramos, José Luis Baldini, Gianmarco |
| author_sort | Foremski, Pawel |
| collection | PubMed |
| description | A 2.3Tbps DDoS attack was recently mitigated by Amazon, which is a new record after the 2018 GitHub attack, or the famous 2016 Dyn DNS attack launched from hundreds of thousands of hijacked Internet of Things (IoT) devices. These attacks may disrupt the lives of billions of people worldwide, as we increasingly rely on the Internet. In this paper, we tackle the problem that hijacked IoT devices are often the origin of these attacks. With the goal of protecting the Internet and local networks, we propose Autopolicy: a system that automatically limits the IP traffic bandwidth—and other network resources—available to IoT devices in a particular network. We make use of the fact that devices, such as sensors, cameras, and smart home appliances, rarely need their high-speed network interfaces for normal operation. We present a simple yet flexible architecture for Autopolicy, specifying its functional blocks, message sequences, and general operation in a Software Defined Network. We present the experimental validation results, and release a prototype open source implementation. |
| format | Online Article Text |
| id | pubmed-7435376 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2020 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-74353762020-08-28 Autopolicy: Automated Traffic Policing for Improved IoT Network Security Foremski, Pawel Nowak, Sławomir Fröhlich, Piotr Hernández-Ramos, José Luis Baldini, Gianmarco Sensors (Basel) Article A 2.3Tbps DDoS attack was recently mitigated by Amazon, which is a new record after the 2018 GitHub attack, or the famous 2016 Dyn DNS attack launched from hundreds of thousands of hijacked Internet of Things (IoT) devices. These attacks may disrupt the lives of billions of people worldwide, as we increasingly rely on the Internet. In this paper, we tackle the problem that hijacked IoT devices are often the origin of these attacks. With the goal of protecting the Internet and local networks, we propose Autopolicy: a system that automatically limits the IP traffic bandwidth—and other network resources—available to IoT devices in a particular network. We make use of the fact that devices, such as sensors, cameras, and smart home appliances, rarely need their high-speed network interfaces for normal operation. We present a simple yet flexible architecture for Autopolicy, specifying its functional blocks, message sequences, and general operation in a Software Defined Network. We present the experimental validation results, and release a prototype open source implementation. MDPI 2020-07-30 /pmc/articles/PMC7435376/ /pubmed/32751739 http://dx.doi.org/10.3390/s20154265 Text en © 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Foremski, Pawel Nowak, Sławomir Fröhlich, Piotr Hernández-Ramos, José Luis Baldini, Gianmarco Autopolicy: Automated Traffic Policing for Improved IoT Network Security |
| title | Autopolicy: Automated Traffic Policing for Improved IoT Network Security |
| title_full | Autopolicy: Automated Traffic Policing for Improved IoT Network Security |
| title_fullStr | Autopolicy: Automated Traffic Policing for Improved IoT Network Security |
| title_full_unstemmed | Autopolicy: Automated Traffic Policing for Improved IoT Network Security |
| title_short | Autopolicy: Automated Traffic Policing for Improved IoT Network Security |
| title_sort | autopolicy: automated traffic policing for improved iot network security |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7435376/ https://www.ncbi.nlm.nih.gov/pubmed/32751739 http://dx.doi.org/10.3390/s20154265 |
| work_keys_str_mv | AT foremskipawel autopolicyautomatedtrafficpolicingforimprovediotnetworksecurity AT nowaksławomir autopolicyautomatedtrafficpolicingforimprovediotnetworksecurity AT frohlichpiotr autopolicyautomatedtrafficpolicingforimprovediotnetworksecurity AT hernandezramosjoseluis autopolicyautomatedtrafficpolicingforimprovediotnetworksecurity AT baldinigianmarco autopolicyautomatedtrafficpolicingforimprovediotnetworksecurity |