Supervising Smart Home Device Interactions: A Profile-Based Firewall Approach

@poster{DeKeersmaeker2024a,
	title        = {Supervising Smart Home Device Interactions: A Profile-Based Firewall Approach},
	author       = {De Keersmaeker, François and Sadre, Ramin and Pelsser, Cristel},
	year         = 2024,
	month        = may,
	booktitle    = {Network Traffic Measurement and Analysis Conference 2024 {TMA}},
	address      = {Dresden, Germany},
	doi          = {10.13140/RG.2.2.13935.85921},
	url          = {http://hdl.handle.net/2078.1/287797},
	note         = {Poster presentation},
	abstract     = {Despite their ubiquity, the security of Internet of Things devices is unsatisfactory, as demonstrated by several attacks. The IETF’s MUD standard aims to simplify and automate the secure deployment of network devices. A MUD file specifies a device-specific description of allowed network activities (e.g., allowed IP ports or host addresses) and can be used to configure for example a firewall. A major weakness of MUD is that it is not expressive enough to describe device interactions, which often occur between devices in modern Smart Home platforms. In this article, we present a new language for describing such traffic patterns. The language allows writing device profiles that are more expressive than MUD files and can describe complex traffic patterns. We show how these profiles can be translated to efficient code for a lightweight firewall. We evaluate our approach on traffic generated by various Smart Home devices, and show that our system can accurately block unwanted traffic while inducing negligible latency.},
	eventdate    = {2024-05-21/2024-05-24},
	groups       = {Posters},
	keywords     = {IoT, smart home, security, firewall, device profiling, home automation},
	organization = {UCL - SST/ICTM/INGI - Pôle en ingénierie informatique}
}