Network service dependencies in commodity internet-of-things devices

We continue to see increasingly widespread deployment of IoT devices, with apparent intent to embed them in our built environment likely to accelerate if smart city and related programmes succeed. In this paper we are concerned with the ways in which current generation IoT devices are being designed in terms of their ill-considered dependencies on network connectivity and services. Our hope is to provide evidence that such dependencies need to be better thought through in design, and better documented in implementation so that those responsible for deploying these devices can be properly informed as to the impact of device deployment (at scale) on infrastructure resilience. We believe this will be particularly relevant as we feel that commodity IoT devices are likely to be commonly used to retrofit "smart" capabilities to existing buildings, particularly domestic buildings. To the existing body of work on network-level behaviour of IoT devices, we add (i) a protocol-level breakdown and analysis of periodicity, (ii) an exploration of the service and infrastructure dependencies that will implicitly be taken in "smart" environments when IoT devices are deployed, and (iii) examination of the robustness of device operation when connectivity is disrupted. We find that many devices make use of services distributed across the planet and thus appear dependent on the global network infrastructure even when carrying out purely local actions. Some devices cease to operate properly without network connectivity (even where their behaviour appears, on the face of it, to require only local information, e.g., the Hive thermostat). Further, they exhibit quite different network behaviours, typically involving significantly more traffic and possibly use of otherwise unobserved protocols, when connectivity is recovered after some disruption.

[1]  Antonio Pescapè,et al.  A packet-level characterization of network traffic , 2006, 2006 11th International Workshop on Computer-Aided Modeling, Analysis and Design of Communication Links and Networks.

[2]  Yier Jin,et al.  Privacy and Security in Internet of Things and Wearable Devices , 2015, IEEE Transactions on Multi-Scale Computing Systems.

[3]  Vern Paxson,et al.  Issues and etiquette concerning use of shared measurement data , 2007, IMC '07.

[4]  Victor C. M. Leung,et al.  On Building Smart City IoT Applications: a Coordination-based Perspective , 2016, IWSC@Middleware.

[5]  Hamed Haddadi,et al.  Human-Data Interaction , 2016 .

[6]  Angela Orebaugh,et al.  Wireshark & Ethereal Network Protocol Analyzer Toolkit (Jay Beale's Open Source Security) , 2006 .

[7]  Ju Ren,et al.  Serving at the Edge: A Scalable IoT Architecture Based on Transparent Computing , 2017, IEEE Network.

[8]  Nick Feamster,et al.  Spying on the Smart Home: Privacy Attacks and Defenses on Encrypted IoT Traffic , 2017, ArXiv.

[9]  Hamoud M. Aldosari A Proposed Security Layer for the Internet of Things Communication Reference Model , 2015 .

[10]  Bilal Succar,et al.  Building information modelling framework: A research and delivery foundation for industry stakeholders , 2009 .

[11]  Harald P. E. Vranken,et al.  Resilience of the Domain Name System: A case study of the .nl-domain , 2018, Comput. Networks.

[12]  Ralph E. Droms,et al.  Manufacturer Usage Description Specification , 2019, RFC.

[13]  Raymond K. Wong,et al.  Protocol Identification of Encrypted Network Traffic , 2006, 2006 IEEE/WIC/ACM International Conference on Web Intelligence (WI 2006 Main Conference Proceedings)(WI'06).

[14]  Haibin Zhang,et al.  Connecting Intelligent Things in Smart Hospitals Using NB-IoT , 2018, IEEE Internet of Things Journal.

[15]  Shiyang Chen,et al.  Visualizing and characterizing DNS lookup behaviors via log-mining , 2015, Neurocomputing.

[16]  Yang Xiao,et al.  A survey of distributed denial-of-service attack, prevention, and mitigation techniques , 2017, Int. J. Distributed Sens. Networks.

[17]  M. Hemanth Kumar,et al.  Cyber security and the Internet of Things: Vulnerabilities, threats, intruders and attacks , 2019 .

[18]  Sungrae Cho,et al.  Securing Heterogeneous IoT With Intelligent DDoS Attack Behavior Learning , 2017, IEEE Systems Journal.

[19]  Vijay Gopalakrishnan,et al.  Connected cars in cellular network: a measurement study , 2017, Internet Measurement Conference.

[20]  Deepak Kumar,et al.  Tracking Certificate Misissuance in the Wild , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[21]  Nick Feamster,et al.  Detecting Compressed Cleartext Traffic from Consumer Internet of Things Devices , 2018, ArXiv.

[22]  David J. Danelski,et al.  Privacy and Freedom , 1968 .

[23]  Andreas Jacobsson,et al.  An analysis of malicious threat agents for the smart connected home , 2017, 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops).

[24]  Nick Feamster,et al.  Closing the Blinds: Four Strategies for Protecting Smart Home Privacy from Network Observers , 2017, ArXiv.

[25]  John Leubsdorf,et al.  Privacy and Freedom , 1968 .

[26]  Heejo Lee,et al.  GMAD: Graph-based Malware Activity Detection by DNS traffic analysis , 2014, Comput. Commun..

[27]  Vijay Sivaraman,et al.  Characterizing and classifying IoT traffic in smart cities and campuses , 2017, 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).