A Gateway-based MUD Architecture to Enhance Smart Home Security / Corno, Fulvio; Mannella, Luca. - ELECTRONIC. - (2023), pp. 1-6. (Paper presented at the 8th International Conference on Smart and Sustainable Technologies (SpliTech 2023), held in Split/Bol (HR), June 20-23, 2023) [10.23919/SpliTech58164.2023.10193747].

A Gateway-based MUD Architecture to Enhance Smart Home Security

Corno, Fulvio; Mannella, Luca
2023

Abstract

Smart home systems, including consumer-grade Internet of Things (IoT) devices, are in a dangerous situation. On the one hand, the number of smart homes is increasing. On the other hand, the devices in these dwellings are often affected by vulnerabilities that could be exploited to generate massive (distributed) attacks. To mitigate the issue of having compromised devices involved in such attacks, the Internet Engineering Task Force (IETF) recently proposed a new standard: the Manufacturer Usage Description (MUD). The main contribution of this paper is to propose a slightly extended version of the MUD architecture. This architecture is centered around a smart home gateway (SHG) that can be extended through the contributions of plug-in developers. Indeed, our proposed approach allows developers to specify which endpoints their plug-ins need to reach. These requirements will then be processed to generate a consolidated gateway-level MUD file exposed by the SHG itself. Thus, thanks to this solution and developers’ intervention, even devices that are not natively “MUD-enabled” would be protected by the MUD standard if integrated through a proper plug-in. Moreover, these requirements are transparent for the device itself. To demonstrate the feasibility of this approach, we realized a proof-of-concept for a widespread open-source smart home gateway: Home Assistant.
ISBN: 978-953-290-128-3
ISBN: 979-8-3503-2320-7
Files in this item:

[2023-05-05] SpliTech_HAss-MUD_CameraReady.pdf
Access: open access
Description: Camera-ready Version
Type: 2. Post-print / Author's Accepted Manuscript
License: Public - All rights reserved
Size: 399.77 kB
Format: Adobe PDF

[2023-08-01] SpliTech_HAss-MUD_Published.pdf
Access: restricted access
Description: Published Version
Type: 2a Post-print publisher's version / Version of Record
License: Non-public - Private/restricted access
Size: 411.11 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11583/2978408