Supervising Smart Home Device Interactions: A Profile-Based Firewall Approach
François De Keersmaeker, Ramin Sadre and Cristel Pelsser
Abstract
Internet of Things devices can now be found everywhere, including in our households in the form of Smart Home networks. Despite their ubiquity, their security is unsatisfactory, as demonstrated by recent attacks. The IETF's MUD standard aims to simplify and automate the secure deployment of end devices in networks. A MUD file contains a device-specific description of allowed network activities (e.g., allowed IP ports or host addresses) and can be used to configure, for example, a firewall. A major weakness of MUD is that it is not expressive enough to describe traffic patterns representing device interactions, which often occur in modern Smart Home platforms. In this article, we present a new language for describing such traffic patterns. The language allows writing device profiles that are more expressive than MUD files and take into account the interdependencies of traffic connections. We show how these profiles can be translated to efficient code for a lightweight firewall leveraging NFTables to block non-conforming traffic. We evaluate our approach on traffic generated by various Smart Home devices, and show that our system can accurately block unwanted traffic while inducing negligible latency.
Publication Details
- Publication Type: Technical Report
- Publication Date: October 2023
BibTeX Citation
@techreport{Keersmaeker2023,
title = {Supervising Smart Home Device Interactions: A Profile-Based Firewall Approach},
author = {François De Keersmaeker and Ramin Sadre and Cristel Pelsser},
year = 2023,
month = oct,
abstract = {Internet of Things devices can now be found everywhere, including in our households in the form of Smart Home networks. Despite their ubiquity, their security is unsatisfactory, as demonstrated by recent attacks. The IETF's MUD standard has as goal to simplify and automate the secure deployment of end devices in networks. A MUD file contains a device specific description of allowed network activities (e.g., allowed IP ports or host addresses) and can be used to configure for example a firewall. A major weakness of MUD is that it is not expressive enough to describe traffic patterns representing device interactions, which often occur in modern Smart Home platforms. In this article, we present a new language for describing such traffic patterns. The language allows writing device profiles that are more expressive than MUD files and take into account the interdependencies of traffic connections. We show how these profiles can be translated to efficient code for a lightweight firewall leveraging NFTables to block non-conforming traffic. We evaluate our approach on traffic generated by various Smart Home devices, and show that our system can accurately block unwanted traffic while inducing negligible latency.},
archiveprefix = {arXiv},
eprint = {2310.03510},
groups = {Technical reports},
primaryclass = {cs.NI}
}
Related publications
The Forest Behind the Tree: Revealing Hidden Smart Home Communication Patterns
François De Keersmaeker, Rémi Van Boxem, and Cristel Pelsser, et al.
Proceedings of the 33rd IEEE International Conference on Network Protocols (ICNP '25), 2025
Supervising Smart Home Device Interactions: A Profile-Based Firewall Approach
De Keersmaeker, François, Ramin Sadre, and Cristel Pelsser
Proceedings of the 2024 IFIP Networking Conference, 2024
Supervising Smart Home Device Interactions: A Profile-Based Firewall Approach
De Keersmaeker, François, Ramin Sadre, and Cristel Pelsser
Network Traffic Measurement and Analysis Conference 2024 TMA, 2024
Impact of Road Congestion on Mobile Networks
Alexandre Vogel, Dena Markudova, and Andra Lutu, et al.
9th IEEE/IFIP Network Traffic Measurement and Analysis Conference (TMA 2025), 2025