Autopolicy: Automated Traffic Policing for Improved IoT Network Security

Publication Type: Journal Article
Year of Publication: 2020
Authors: Foremski P, Nowak S, Fröhlich P, Hernandez-Ramos JLuis, Baldini G
Start Page: 4265
Keywords: Internet of Things; Security; Sensor Networks; Traffic Policing; Distributed Denial of Service; Packet Filtering; Firewall; Software-Defined Networking

A 2.3 Tbps DDoS attack was recently mitigated by Amazon, which is a new record after the 2018 GitHub attack, or the famous 2016 Dyn DNS attack launched from hundreds of thousands of hijacked IoT devices. These attacks may disrupt the lives of billions of people worldwide, as we increasingly rely on the Internet. In this paper, we tackle the problem that hijacked IoT devices are often the origin of these attacks. With the goal of protecting the Internet and local networks, we propose Autopolicy: a system that automatically limits the IP traffic bandwidth - and other network resources - available to IoT devices in a particular network. We make use of the fact that devices such as sensors, cameras, and smart home appliances rarely need their high-speed network interfaces for normal operation. We present a simple yet flexible architecture for Autopolicy, specifying its functional blocks, message sequences, and general operation in a Software Defined Network. We present experimental validation results, and release a prototype open source implementation.