SIOTOME: An Edge-ISP Collaborative Architecture for IoT Security

Modern households are deploying Internet of Things (IoT) devices at a fast pace. The heterogeneity of these devices, which range from low-end sensors to smart TVs, makes securing home IoT particularly challenging. To make matters worse, many consumer-IoT devices are hard or impossible to secure because device manufacturers fail to adopt security best practices (e.g., regular software patches). In this paper, we propose a novel, cooperative system between the home gateway and the Internet Service Provider (ISP) to provide data-driven security solutions for detecting and isolating IoT security attacks. Our approach combines a large-scale view from the ISP (using powerful machine learning techniques on traffic traces) with the fine-grained view of per-device activity from the home (using edge processing techniques) to provide efficient, yet privacy-aware IoT security services.
