A Rule-Based Algorithm of Finding Valid Hosts for IoT Device Using Its Network Traffic

As the number of IoT devices continues to grow every day, we can say without a doubt that one day IoT devices will be used in every aspect of our life. However, devices without an appropriate security management can be easily exploited by adversaries and used for malicious reasons. This research focuses on a way to secure end-device and we have proposed a system which prevents malicious traffic from intruding into the system. Our target IoT devices are device which main functions are gathering data and transferring those data to its server. Our approach is to determine a set of rules based on network traffic, any hosts which not comply with the rules are considered invalid and all of the traffic related to it would be cut down by the switch. Hosts which followed the rule are acknowledged as secure and added to list called “White List”. In our experiment, all of the hosts found in the white list are valid hosts, such as device’s NTP, DNS, HTTP, DHCP servers. Experiment was only conducted on 2 devices; more experiment result is necessary before implementing into real environment.