CONIX Publication

Software-Defined Security Gateway for IoT Deployments

Authors: Vyas Sekar, Tianlong Yu


Internet of Things (IoT) devices are becoming ubiquitous and many have security vulnerabilities. Applying patches to IoT devices is challenging and requires constant user vigilance. Additionally, many IoT devices cannot support host-based prevention systems such as antivirus software. We posit that the network can prevent a device’s vulnerabilities from being exploited. However, existing network defenses are often too coarse-grained for mitigating IoT vulnerabilities. To combat these weaknesses, we propose a new paradigm that uses a low-cost, software-defined IoT security gateway to protect vulnerable IoT devices in home networks. Each IoT device’s traffic is routed through the gateway, which leverages advances in software-defined networking and network function virtualization to implement agile and specific security functions for that device. We present a vision for realizing this in a scalable, trusted fashion that automatically generates defenses for deployed IoT devices.

Release Date: 09/01/2019
