Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the Internet-of-Things
Tianlong Yu
Vyas Sekar
Srini Seshan
Yuvraj Agarwal
Chenren Xu
HotNets 2015: Fourteenth ACM Workshop on Hot Topics in Networks.

Abstract

The Internet-of-Things (IoT) has quickly moved from the realm of hype to reality with estimates of over 25 billion devices deployed by 2020. While IoT has huge potential for societal impact, it comes with a number of key security challenges---IoT devices can become the entry points into critical infrastructures and can be exploited to leak sensitive information. Traditional host-centric security solutions in today's IT ecosystems (e.g., antivirus, software patches) are fundamentally at odds with the realities of IoT (e.g., poor vendor security practices and constrained hardware). We argue that the network will have to play a critical role in securing IoT deployments. However, the scale, diversity, cyberphysical coupling, and cross-device use cases inherent to IoT require us to rethink network security along three key dimensions: (1) abstractions for security policies; (2) mechanisms to learn attack and normal profiles; and (3) dynamic and context-aware enforcement capabilities. Our goal in this paper is to highlight these challenges and sketch a roadmap to avoid this impending security disaster.

Bibtex

@inproceedings{Yu2015HandlingAT,
author = {Yu, Tianlong and Sekar, Vyas and Seshan, Srinivasan and Agarwal, Yuvraj and Xu, Chenren},
year = {2015},
month = {11},
pages = {1-7},
title = {Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the Internet-of-Things},
doi = {10.1145/2834050.2834095}
}

Plain Text

Yu, Tianlong & Sekar, Vyas & Seshan, Srinivasan & Agarwal, Yuvraj & Xu, Chenren. (2015). Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the Internet-of-Things. 1-7. 10.1145/2834050.2834095.