In recent years, the technology of Internet of Things (IoT) has been widely applied in various fields, which means a large number of IoT apparatuses having been deployed in various environments.
Many security problems are associated with the function-oriented IoT apparatuses. A frequently encountered problem is that the recently-discovered and/or undiscovered program security vulnerability of an IoT apparatus cannot be repaired timely and, therefore, the latest attack routes/means of hackers cannot be blocked. For example, a hacker may launch a zero-day attack against the program security vulnerability of an IoT apparatus which is not repaired timely (i.e., zero-day exploit), e.g., launching a Distributed Denial of Service (DDoS) attack against the zero-day exploit. A hacker may intrude in an IoT apparatus via the program security vulnerability that is recently discovered and/or undiscovered, make an illegal application executed on the IoT apparatus, and, thereby, manipulate the IoT apparatus to execute various illegal operations, e.g., control an IP camera to execute a specific function and derive images.
To prevent IoT apparatuses from being attacked by hackers, some conventional technologies deal with the information security issue by filtering activating applications according to a predetermined blacklist. The blacklist may comprise IP addresses (i.e., illegal or suspicious IP addresses) that have to be filtered out or features of program codes of malicious software. Nevertheless, a blacklist cannot be updated timely and, thus, there is still a window that the information security is still vulnerable. Additionally, some conventional technologies deal with the information security issue by adopting a centralized management or single-point defense architecture. However, this practice has the problems that an apparatus being responsible for the management/defense becomes the target of attacks and attack information cannot be shared. As a result, effective security protection cannot be achieved as well. Accordingly, there is still an urgent need for a monitor method that can maintain information security of IoT apparatuses.