SERENIoT: Collaborative Network Security Policy Management and Enforcement for Smart Homes
This addresses the problem of securing smart home IoT devices without relying on manufacturers or trusted parties, though it is incremental as it builds on existing whitelisting approaches.
The paper tackles the challenge of determining correct whitelisted behavior for IoT devices by proposing SERENIoT, a blockchain-based system that collaboratively builds whitelists from majority-observed network behavior, automatically adapting to software updates, and demonstrates security, scalability, and performance through proof-of-concept implementations.
Network traffic whitelisting has emerged as a dominant approach for securing consumer IoT devices. However, determining what the whitelisted behavior of an IoT device should be remains an open challenge. Proposals to date have relied on manufacturers and trusted parties to provide whitelists, but these proposals require manufacturer involvement or placing trust in an additional stakeholder. Alternatively, locally monitoring devices can allow building whitelists of observed behavior, but devices may not exhaust their functionality set during the observation period, or the behavior may change following a software update which requires re-training. This paper proposes a blockchain-based system for determining whether an IoT device is behaving like other devices of the same type. Our system (SERENIoT, pronounced Serenity) overcomes the challenge of initially determining the correct behavior for a device. Nodes in the SERENIoT public blockchain submit summaries of the network behavior observed for connected IoT devices and build whitelists of behavior observed by the majority of nodes. Changes in behavior through software updates are automatically whitelisted once the update is broadly deployed. Through a proof-of-concept implementation of SERENIoT on a small Raspberry Pi IoT network and a large-scale Amazon EC2 simulation, we evaluate the security, scalability, and performance of our system.