The first paper using the FedLab, which has been developed within the INTERSCT project, has been accepted and will be presented this week during the ACM ACSAC 2022 conference in Austin, Texas.
The paper is titled “Stepping out of the MUD: Contextual threat information for IoT devices with manufacturer-provided behaviour profiles”, and is the result of a fruitful collaboration between the research group at TNO (Luca Morgese, Tim Booji), UT (Thijs van Ede, Andrea Continella), and TU/e (Savio Sciancalepore, Luca Allodi).
In a nutshell, the paper introduces MUDscope, a tool that leverages a recently proposed specification for IoT manufacturers (MUD, RFC 8520), to collect necessarily-anomalous traffic from IoT devices.
By correlating traces of anomalous traffic from multiple devices, MUDscope offers a novel vantage point to detect and monitor IoT threats, gaining insights into when and where they spread.
Interested readers can view and download the pre-print of the paper at: https://vm-thijs.ewi.utwente.nl/static/homepage/papers/mudscope.pdf.
The paper will be presented this week in Austin (TX, US) during the prestigious ACM Annual Computer Security Applications Conference (ACSAC), one of the most famous and prestigious venues worldwide for applied security research.