Imperial College London
Portrait Picture

Professor Hamed Haddadi

Faculty of EngineeringDepartment of Computing

Professor of Human-Centred Systems
 
 
 
//

Contact

 

h.haddadi Website

 
 
//

Location

 

2Translation & Innovation Hub BuildingWhite City Campus

//

Summary

 

Publications

Citation

BibTex format

@unpublished{Mandalari:2021,
author = {Mandalari, AM and Dubois, DJ and Kolcun, R and Paracha, MT and Haddadi, H and Choffnes, D},
publisher = {arXiv},
title = {Blocking without breaking: identification and mitigation ofnon-essential IoT traffic},
url = {http://arxiv.org/abs/2105.05162v1},
year = {2021}
}
Download

RIS format (EndNote, RefMan)

TY  - UNPB
AB  - Despite the prevalence of Internet of Things (IoT) devices, there is littleinformation about the purpose and risks of the Internet traffic these devicesgenerate, and consumers have limited options for controlling those risks. A keyopen question is whether one can mitigate these risks by automatically blockingsome of the Internet connections from IoT devices, without rendering thedevices inoperable. In this paper, we address this question by developing arigorous methodology that relies on automated IoT-device experimentation toreveal which network connections (and the information they expose) areessential, and which are not. We further develop strategies to automaticallyclassify network traffic destinations as either required (i.e., their trafficis essential for devices to work properly) or not, hence allowing firewallrules to block traffic sent to non-required destinations without breaking thefunctionality of the device. We find that indeed 16 among the 31 devices wetested have at least one blockable non-required destination, with the maximumnumber of blockable destinations for a device being 11. We further analyze thedestination of network traffic and find that all third parties observed in ourexperiments are blockable, while first and support parties are neitheruniformly required or non-required. Finally, we demonstrate the limitations ofexisting blocklists on IoT traffic, propose a set of guidelines forautomatically limiting non-essential IoT traffic, and we develop a prototypesystem that implements these guidelines.
AU  - Mandalari,AM
AU  - Dubois,DJ
AU  - Kolcun,R
AU  - Paracha,MT
AU  - Haddadi,H
AU  - Choffnes,D
PB  - arXiv
PY  - 2021///
TI  - Blocking without breaking: identification and mitigation ofnon-essential IoT traffic
UR  - http://arxiv.org/abs/2105.05162v1
UR  - http://hdl.handle.net/10044/1/88830
ER  -
Download