Increase in the commercial availability of IP-enabled products, like Internet of Things (IoT) devices, has resulted in a wide proliferation of internet-connected micro-computing platforms, which has created a widespread and vulnerable attack surface for criminals and hackers. The IoT devices often act as consumer-friendly plug-and-play units, promising access to capabilities and services like in-home entertainment, home security, or nutrition monitoring. Consumers often trust the IoT devices with vital home security or personal safety functionality, such as the home monitoring capabilities offered by IP cameras. Manufacturers may commonly build the IoT devices around Linux® or Unix® kernels and run feature-limited versions of well-known operating systems. The combination of a standardized IP stack, processing power, and local storage may make the IoT devices as vulnerable to computer attacks as a desktop, mobile, or infrastructure computer. Hackers may exploit the networked capability to create large-scale attack platforms capable of launching powerful distributed denial of service (DDos) attacks against corporations or countries. Hackers may also exploit IoT devices to steal personal information or take control of IoT home devices.
Preventing misuse of these platforms is vital to ensuring internet security. Many manufactures have made attempts to protect the IoT devices from attack. In conventional methods, the source file examination and vulnerability analysis of current widespread exploits may have allowed some targeted protection against the known attacks. However, placing trust of personal or corporate security in the hands of IoT manufacturers, who have varying commercial and security backgrounds, may leave much to be desired as a comprehensive network protection solution. In addition, corporate-level IoT patching may potentially involve large scale support work of manually, possible even physically, updating devices. Such a solution may grow in complexity if a network is comprised of devices from many manufacturers, running differing and possibly proprietary operating systems. Additionally, network administrators or security professionals may need device-specific knowledge for each security upgrade, or skilled consultants, on a regular update basis.
An alternative conventional approach to securing a network of IoT devices may be to install infrastructure components like network firewalls, access control lists, or domain controllers. The network hardening approach may be feasible in corporations with existing network security infrastructure by adding aggressive access rules, or updating critical security components. However, such a solution may not scale back to protection of home networks. Nor may it provide a solution for mobile environments where IoT elements might exist, such as a battlefield. Additionally, installing enterprise-grade security components may necessitate enterprise-grade network security training and security-savvy administrators.