Concepedia

Publication | Open Access

IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT

Citations: 622

References: 24

Year: 2017

TLDR

The rapid growth of IoT has heightened security concerns, as many IP‑connected home and office devices suffer from flawed designs, lack firmware update mechanisms, and pose risks that require brownfield protection strategies. This paper presents IoT Sentinel, a system designed to automatically identify device types in an IoT network and enforce rules that constrain vulnerable devices to minimize damage from compromise. IoT Sentinel accomplishes this by detecting connected device types and applying communication constraints tailored to identified vulnerabilities. Evaluation shows IoT Sentinel accurately identifies device types and incurs minimal performance overhead.

Abstract

With the rapid growth of the Internet-of-Things (IoT), concerns about the security of IoT devices have become prominent. Several vendors are producing IP-connected devices for home and small office networks that often suffer from flawed security designs and implementations. They also tend to lack mechanisms for firmware updates or patches that can help eliminate security vulnerabilities. Securing networks where the presence of such vulnerable devices is given requires a brownfield approach: applying necessary protection measures within the network so that potentially vulnerable devices can coexist without endangering the security of other devices in the same network. In this paper, we present IoT Sentinel, a system capable of automatically identifying the types of devices being connected to an IoT network and enabling enforcement of rules for constraining the communications of vulnerable devices so as to minimize damage resulting from their compromise. We show that IoT Sentinel is effective in identifying device types and has minimal performance overhead.
