UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

Blocking Without Breaking: Identification and Mitigation of Non-Essential IoT Traffic

Mandalari, Anna Maria; Dubois, Daniel J; Kolcun, Roman; Paracha, Muhammad Talha; Haddadi, Hamed; Choffnes, David; (2021) Blocking Without Breaking: Identification and Mitigation of Non-Essential IoT Traffic. Proceedings on Privacy Enhancing Technologies , 2021 (4) pp. 369-388. 10.2478/popets-2021-0075. Green open access

[thumbnail of popets-2021-0075.pdf]
Preview
 Text
popets-2021-0075.pdf - Published Version
Download (2MB) | Preview

Abstract

Despite the prevalence of Internet of Things (IoT) devices, there is little information about the purpose and risks of the Internet traffic these devices generate, and consumers have limited options for controlling those risks. A key open question is whether one can mitigate these risks by automatically blocking some of the Internet connections from IoT devices, without rendering the devices inoperable. In this paper, we address this question by developing a rigorous methodology that relies on automated IoTdevice experimentation to reveal which network connections (and the information they expose) are essential, and which are not. We further develop strategies to automatically classify network traffic destinations as either required (i.e., their traffic is essential for devices to work properly) or not, hence allowing firewall rules to block traffic sent to non-required destinations without breaking the functionality of the device. We find that indeed 16 among the 31 devices we tested have at least one blockable non-required destination, with the maximum number of blockable destinations for a device being 11. We further analyze the destination of network traffic and find that all third parties observed in our experiments are blockable, while first and support parties are neither uniformly required or non-required. Finally, we demonstrate the limitations of existing blocklists on IoT traffic, propose a set of guidelines for automatically limiting non-essential IoT traffic, and we develop a prototype system that implements these guidelines.

Type: Article
Title: Blocking Without Breaking: Identification and Mitigation of Non-Essential IoT Traffic
Open access status: An open access version is available from UCL Discovery
DOI: 10.2478/popets-2021-0075
Publisher version: https://doi.org/10.2478/popets-2021-0075
Language: English
Additional information: Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 license.
Keywords: IoT, privacy, firewall, filtering, blocking
UCL classification: UCL
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Electronic and Electrical Eng
URI: https://discovery.ucl.ac.uk/id/eprint/10216298
Downloads since deposit
0Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item