polito.it
Politecnico di Torino (logo)

Enhancing and testing smart home security through a MUD-enabled environment

Fabio Orazio Mirto

Enhancing and testing smart home security through a MUD-enabled environment.

Rel. Fulvio Corno, Luca Mannella. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2023

[img]
Preview
PDF (Tesi_di_laurea) - Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives.

Download (4MB) | Preview
Abstract:

The increasing number of Internet of Things (IoT) devices in smart homes now offers a high level of efficiency and convenience that we have never seen before. However, this rapid growth also introduces some new challenges related to the security of these systems. To address those challenges, IETF introduced Manufacturer Usage Description (MUD). MUD is a standard that offers a way to specify the network behavior and permissions of devices that are MUD-enabled. To achieve this goal, the MUD standard uses a white-listing approach based on a set of rules (also called policies), written by the device's manufacturer. So, all traffic that is not expressly allowed by the manufacturer is blocked. These rules are read from a file, called MUD File, and instantiated for allowing connections between two end-points, for instance, using a firewall. By offering better control over devices’ interactions inside the smart home ecosystem, provides a potential way to improve network security. This potential is also recognized by ENISA and NIST. The main contribution of this thesis is to build and test a MUD-enabled smart home environment. In this scenario, there is a diverse set of IoT devices that should be managed by a Smart Home Gateway (SHG), in our case Home Assistant. By integrating the MUD standard inside the SHG, it is possible to achieve a higher level of network security and reduce the surface of attacks (e.g., avoiding unauthorized access or Denial of Service attacks). In the context of IoT devices, the produced solution includes end-point identification for the production of the rules for the different integrations. This is done by performing a manual analysis of the traffic and source code of the integrations. After the initial setup, the proposed solution increases the security of the smart home without the need for further user action.

Relatori: Fulvio Corno, Luca Mannella
Anno accademico: 2023/24
Tipo di pubblicazione: Elettronica
Numero di pagine: 72
Soggetti:
Corso di laurea: Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering)
Classe di laurea: Nuovo ordinamento > Laurea magistrale > LM-32 - INGEGNERIA INFORMATICA
Aziende collaboratrici: Politecnico di Torino
URI: http://webthesis.biblio.polito.it/id/eprint/29548
Modifica (riservato agli operatori) Modifica (riservato agli operatori)