Shue, Craig A.
As consumer home automation devices are gaining popularity, more examples exist of these devices being compromised at scale to create large botnets. In this paper, we present Soteria, a specification-based IDS/IPS with the aim of reducing the spread and impact of IoT botnets by blocking malicious outbound traffic from a compromised device. We demonstrate Soteria's ability to block specification-violating network traffic from IoT devices and to alert an IoT device's manufacturer and owner when the device violates a policy. Furthermore, Soteria's ability to alert the manufacturer of compromised IoT devices gives manufacturers increased awareness of vulnerabilities being exploited in the wild. We expect that with adoption, Soteria will help limit the spread and impact of IoT botnets.
Worcester Polytechnic Institute
Major Qualifying Project
All authors have granted to WPI a nonexclusive royalty-free license to distribute copies of the work, subject to other agreements. Copyright is held by the author or authors, with all rights reserved, unless otherwise noted.