Autopolicy: Automated Traffic Policing for Improved IoT Network Security
1
Institute of Theoretical and Applied Informatics of the Polish Academy of Sciences (IITiS PAN), Gliwice 44100, Poland
2
European Commission, Joint Research Centre (JRC), 21027 Ispra, Italy
*
Author to whom correspondence should be addressed.
Sensors 2020, 20(15), 4265; https://doi.org/10.3390/s20154265
Received: 2 July 2020
/
Revised: 26 July 2020
/
Accepted: 28 July 2020
/
Published: 30 July 2020
(This article belongs to the Section Internet of Things)
A 2.3Tbps DDoS attack was recently mitigated by Amazon, which is a new record after the 2018 GitHub attack, or the famous 2016 Dyn DNS attack launched from hundreds of thousands of hijacked Internet of Things (IoT) devices. These attacks may disrupt the lives of billions of people worldwide, as we increasingly rely on the Internet. In this paper, we tackle the problem that hijacked IoT devices are often the origin of these attacks. With the goal of protecting the Internet and local networks, we propose Autopolicy: a system that automatically limits the IP traffic bandwidth—and other network resources—available to IoT devices in a particular network. We make use of the fact that devices, such as sensors, cameras, and smart home appliances, rarely need their high-speed network interfaces for normal operation. We present a simple yet flexible architecture for Autopolicy, specifying its functional blocks, message sequences, and general operation in a Software Defined Network. We present the experimental validation results, and release a prototype open source implementation.
View Full-Text
Keywords:
Internet of Things; security; sensor networks; traffic policing; Distributed Denial of Service; packet filtering; firewall; Software-Defined Networking
▼
Show Figures
Figure 1
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited
-
Externally hosted supplementary file 1
Link: https://github.com/iitis/autopolicy
Description: Autopolicy source code
MDPI and ACS Style
Foremski, P.; Nowak, S.; Fröhlich, P.; Hernández-Ramos, J.L.; Baldini, G. Autopolicy: Automated Traffic Policing for Improved IoT Network Security. Sensors 2020, 20, 4265. https://doi.org/10.3390/s20154265
AMA Style
Foremski P, Nowak S, Fröhlich P, Hernández-Ramos JL, Baldini G. Autopolicy: Automated Traffic Policing for Improved IoT Network Security. Sensors. 2020; 20(15):4265. https://doi.org/10.3390/s20154265
Chicago/Turabian StyleForemski, Pawel, Sławomir Nowak, Piotr Fröhlich, José L. Hernández-Ramos, and Gianmarco Baldini. 2020. "Autopolicy: Automated Traffic Policing for Improved IoT Network Security" Sensors 20, no. 15: 4265. https://doi.org/10.3390/s20154265
Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.
