Toward Secure Edge Networks: Taming Device-to-Device (D2D) Communication in IoT

12/16/2017
by   Ibbad Hafeez, et al.
0

Security problems in environments hosting Internet-of-Things (IoT) devices have become apparent, as traditional signature-based anomaly detection techniques fail to secure them due to complex device-to-device (D2D) interactions and heterogeneous traffic patterns. To tackle this emerging security disparity, we propose IoT-KEEPER, a two-tier platform for securing IoT communications within and across edge networks. In specific, IoT-KEEPER secures not only the device-to-infrastructure (Internet) communication, but also D2D communications between devices within edge networks. Different from existing offline solutions that perform network traffic classification over already collected data, IoT-KEEPER continuously inspects the network to identify any suspicious activities and enforce necessary security policies to block such activities. Unlike legacy solutions such as firewall and NIDS, IoT-KEEPER is able to detect and block anomalous activities in the network with its feature-based clustering framework in real time, without requiring explicit traffic signatures nor additional hardware installation. We have deployed a real-world testbed to demonstrate that IoT-KEEPER can identify misbehaving IoT devices based on their network activity with high accuracy, and enforce security policies to isolate such devices in real time. IoT-KEEPER is lightweight, responsive and an effectively handle complex D2D interactions without requiring explicit attack signatures or sophisticated hardware.

READ FULL TEXT

Please sign up or login with your details

Forgot password? Click here to reset