|
Recent years have seen the Internet playing an increasingly critical role in our daily lives with home networks hosting PCs, tablets, mobile devices along with more specialized devices such as smart televisions, thermostats, and other Internet-of-Things (IoT) devices. While these devices offer users an array of services and conveniences, they come at the cost of introducing security vulnerabilities into the home network. Thus users are confronted with the dual challenges of securing their networks and devices against malicious software (malware) and botnets that may perform distributed denial of service attacks on commercial and public websites and of maintaining the privacy of increasingly personal flows of data through IoT devices.
This project takes a multifaceted look at the problem of securing home networks in the face of these challenges. Specifically, it includes a partnership with a Brazilian Internet Service Provider giving access to data from thousands of home network connections. This allows the creation of a baseline of network behavior against which to identify malicious behavior due to malware or compromised devices. Second, the project will develop behavior models of typical use of IoT in the wild. This will allow a better understanding of how sensitive and personal information can leak from IoT devices to IoT providers. The baseline and the IoT behavior models will lead to new methods for identifying the presence of anomalous/malicious behavior as well as leakage of privacy information. The research conducted in this project provides significant benefits to society. First, the results will allow users to enhance the security of their home networks and better protect personal and sensitive information. Second, the project will provide substantial opportunities for students to develop software and research skills along with cybersecurity skills.
This project tackles the problem of securing modern home networks. The approach to this problem will be analytical and empirical. The project will consist of:
(i) Development of techniques based on statistical analysis and machine learning that rely on data gathered in home networks to detect and classify malicious network activities. These techniques will focus on malicious activities both within and outside home networks.
(ii) Fingerprinting of home network traffic to enable detection of compromised devices and characterization of the behavior of such devices even when flows are encrypted.
(iii) Development of tools that will help users control access to their data.
|
EAGER: USBRCCR: Improving Network Security at the Network Edge