As more and more devices are connected to the Internet-of-Things, often made by non-specialist companies or short-lived startups, the likelihood that these devices will be hacked and used for nefarious activity online increases. We seek to support non-expert users in managing the network behaviour of their IoT devices, and assisting them in handling the cases where those devices are hacked. To do so, we wish to enable anomaly detection at the network level, determining when a device starts behaving unusually. This requires capturing data about how devices behave in a diverse range of real deployments, not just lab environments. To that end, we present IoTCrowdsourcery, a toolset for capturing traffic data from real-world IoT deployments. Participants collect packet traces from their IoT devices through our software, and provide them via a crowdsourcing infrastructure. The key challenges to overcome are to make the process straightforward enough for non-expert participants to carry out, and to ensure that legal (notably GDPR) and ethical issues are carefully handled by ensuring that participants understand what they are doing, and are provided with various means to exercise agency in participating, and ultimately to withdraw their participation if they wish. We envisage the captured traces being analysed to develop behavioural models of IoT devices which will be used for anomaly detection, improving the security of our smart homes and more generally of the Internet.
[1]
Ali Dehghantanha,et al.
A Two-Layer Dimension Reduction and Two-Tier Classification Model for Anomaly-Based Intrusion Detection in IoT Backbone Networks
,
2019,
IEEE Transactions on Emerging Topics in Computing.
[2]
Tom Rodden,et al.
Homework: putting interaction into the infrastructure
,
2012,
UIST '12.
[3]
Nick Feamster,et al.
IoT Inspector: Crowdsourcing Labeled Network Traffic from Smart Home Devices at Scale
,
2019,
ArXiv.
[4]
Qi Li,et al.
Network service dependencies in commodity internet-of-things devices
,
2019,
IoTDI.