A transparent and secure gateway solution for IoT networks

The Internet has revolutionized global connectivity, giving rise to the Internet of Things (IoT). These diverse devices are able to convert analogical information from the surrounding environment into digital data and send these over a network. Industrial IoT (IIoT) appliances are used nowadays in a wide range of different fields, from agricolture to industry. However, the rapid growth of IoT has exposed a security gap, due to lack of hardware resources, weak security measures and misconfigurations often due to the neglect. Manufacturers prioritize quick market entry and lack standardized security practices, making IoT devices attractive targets for cyber threats. To tackle these challenges, the EU's Horizon 2020 program founded the FISHY project, which aims to create a cyber-resilient platform for establishing trusted supply chains. The present work proposes an IoT Proxy, a modular secure gateway solution for IoT networks. Born as part of the FISHY project, IoT Proxy externalizes the management of security-related aspects for IoT devices, enhancing device security and network isolation. It offers standalone and FISHY platform integration options. The modular design of IoT Proxy allows configurable security controls in a completely transparent way from the IoT devices point of view, which means its installation does not imply any changes on IoT devices configuration. Two native modules provided by IoT Proxy. The first is a machine learning-based Intrusion Prevention System (IPS), able to identify and mitigate IoT-related attacks. This module also implements "oblivious authentication" concept to detect unusual behaviors by IoT devices. The second module leverages strongSwan, a versatile VPN solution, for encryption and authentication, securing IoT device communications and data. Experimental results demonstrate IoT Proxy's feasibility and effectiveness, even when multiple modules are active concurrently, with a modest network performance degradation. IoT Proxy offers a promising solution to address IoT device security concerns, vital as IoT device numbers surge, safeguarding against evolving threats and protecting critical systems and data.