Toward Secure Edge Networks: Taming Device-to-Device (D2D) Communication in IoT
Security problems in environments hosting Internet-of-Things (IoT) devices have become apparent, as traditional signature-based anomaly detection techniques fail to secure them due to complex device-to-device (D2D) interactions and heterogeneous traffic patterns. To tackle this emerging security disparity, we propose IoT-KEEPER, a two-tier platform for securing IoT communications within and across edge networks. Specifically, IoT-KEEPER secures not only device-to-infrastructure (Internet) communication, but also D2D communication between devices within edge networks. In contrast to existing offline solutions that perform network traffic classification over already collected data, IoT-KEEPER continuously inspects the network to identify suspicious activities and enforces the security policies needed to block them. Unlike legacy solutions such as firewalls and NIDS, IoT-KEEPER is able to detect and block anomalous activities in the network in real time with its feature-based clustering framework, without requiring explicit traffic signatures or additional hardware installation. We have deployed a real-world testbed to demonstrate that IoT-KEEPER can identify misbehaving IoT devices based on their network activity with high accuracy, and enforce security policies to isolate such devices in real time. IoT-KEEPER is lightweight and responsive, and can effectively handle complex D2D interactions without requiring explicit attack signatures or sophisticated hardware.