New method to defend against smart home device attacks

Issue 6 2020 Smart Home Automation

Instead of relying on customers to protect their vulnerable smart home devices from being used in cyber-attacks, Ben-Gurion University of the Negev (BGU) and National University of Singapore (NUS) researchers have developed a new method that enables telecommunications and Internet service providers to monitor these devices.

According to their new study published in Computers & Security, the ability to launch massive distributed denial-of-service (DDoS) attacks via a botnet of compromised devices is an exponentially growing risk in the Internet of Things (IoT). Such massive attacks, possibly emerging from IoT devices in home networks, impact the attack target, as well as the infrastructure of telecommunication service providers (telcos).

“Most home users don’t have the awareness, knowledge, or means to prevent or handle ongoing attacks,” says Yair Meidan, a Ph.D. candidate in the BGU Department of Software and Information Systems Engineering (SISE). “As a result, the burden falls on the telcos to handle. Our method addresses a challenging real-world problem that has already caused attacks in Germany and Singapore, and poses a risk to telco infrastructure and their customers worldwide.”

Each connected device has a unique IP address. However, home networks typically use gateway routers with NAT (network address translation) functionality, which replaces the local source IP address of each outbound data packet with the household router’s public IP address. Consequently, detecting connected IoT devices from outside the home network is a challenging task.

The researchers developed a method to detect connected, vulnerable IoT models before they are compromised by monitoring the data traffic from each smart home device. This enables telcos to verify whether specific IoT models, known to be vulnerable to exploitation by malware for cyber-attacks, are connected to the home network. It helps telcos identify potential threats to their networks and take preventive actions quickly.

By using the proposed method, a telco can detect vulnerable IoT devices connected behind a NAT, and use this information to take action. In the case of a potential DDoS attack, this method would enable the telco to take steps to spare the company and its customers from harm in advance, such as offloading the large volume of traffic generated by an abundance of infected domestic IoT devices. In turn, this could prevent the combined traffic surge from hitting the telco’s infrastructure, reduce the likelihood of service disruption, and ensure continued service availability.

“Unlike some past studies that evaluated their methods using partial, questionable, or completely unlabelled datasets, or just one type of device, our data is versatile and explicitly labelled with the device model,” Meidan says. “We are sharing our experimental data with the scientific community as a novel benchmark to promote future reproducible research in this domain [1].”

This research is a first step toward dramatically mitigating the risk posed to telcos’ infrastructure by domestic NAT IoT devices. In the future, the researchers seek to further validate the scalability of the method, using additional IoT devices that represent an even broader range of IoT models, types and manufacturers.

“Although our method is designed to detect vulnerable IoT devices before they are exploited, we plan to evaluate the resilience of our method to adversarial attacks in future research,” Meidan says. “Similarly, a spoofing attack, in which an infected device performs many dummy requests to IP addresses and ports that are different from the default ones, could result in missed detection.”

[1] This dataset can be found here: https://doi.org/10.5281/zenodo.3924770




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Connected-home predictions for 2021
Issue 9 2020
The global smart home market is forecast to grow to $53,45 billion in size by 2022. Veego Software offers five predictions for smart home automation in 2021.

Read more...
Protecting you and your home with IoT
25 November 2020 , Smart Home Automation, Smart Home Automation
IoT technology gives people the power to keep a watchful eye on what is important to them, whether they are 200 metres or 200 kilometres away.

Read more...
Is working from home the silver bullet you think it is?
Issue 8 2020 , Smart Home Automation
One of its biggest impacts on society and business is WFH, an acronym that came out of nowhere to become a household word.

Read more...
Multi-tenant access control
Issue 5 2020, Suprema , Smart Home Automation
Suprema controls access to mixed-use development that is an icon of sustainable environmental growth.

Read more...
Collaborative security in communities
Issue 5 2020
Want to change the dialogue around security in South Africa? Work together. Communities can fundamentally change the face of crime.

Read more...
Technology and new systems
Issue 3 2020, Fidelity ADT , Smart Home Automation
The SA crime profile, along with its unique socio-economic landscape, means that South Africa’s security industry is one of the oldest bespoke private security industries in the world.

Read more...
Huawei includes Namola safety app
Issue 1 2020
Huawei has partnered with South Africa’s personal safety app, Namola, to ensure that more South Africans have access to the service.

Read more...
Do you have the smarts?
November 2019
Melissa Davidson from lighting retailer The Lighting Warehouse offers an overview on their latest smart LED ceiling light, which also acts as a Bluetooth speaker.

Read more...
The top five holiday scams
November 2019
The holiday season is a sea of shopping, laughter, gifts and entertainment. It is also a swamp of security risks and hacks and fraudsters, lurking on the edges of the festive fun.

Read more...
Be awake to the deepfake
November 2019
SA’s Wireless Application Service Providers’ Association is advising smartphone users alarmed by the ‘deepfake’ phenomenon that the expected promulgation of South Africa’s Cybercrimes and Cyberbullying Bill is imminent.

Read more...