As the complexity of home networks has grown in recent years, the security of multi-type devices connected in the residential environment, such as Internet-of-Things (IoT) devices, is increasingly important due to their widespread presence in homes and their physical capabilities. Many people are concerned about potential security weaknesses in these devices, since home networks lack the powerful security tools and trained personnel available in enterprise networks. However, securing various devices connected in home networks is challenging due to their different communication protocol, varied designs, multiple manufacturers, and potentially limited availability of long-term firmware updates. Home networks could introduce new physical hardware to enable security screening locally for securing in-network devices, but the capital and purchase costs may impede deployment. In this work, we propose several methods to utilize the Android smartphone operating system to secure varied devices connected in home networks. We explore access control mechanisms that tightly constrain access to IoT devices at the residential router, with the goal of precluding access that is inconsistent with legitimate users' goals. This approach works across device types and manufacturers with a straightforward API and state machine construction. The results of our experiments show it identifies 100\% of malicious traffic while correctly allowing more than 98\% of legitimate network traffic. Moreover, we introduce a system to leverage existing available devices that are already inside a home network, such as Android smartphones, to create a platform for traffic inspection. This software-based solution avoids new hardware deployment and allows decryption of traffic without introducing new risk associated with new third parties. In terms of performance, we note it outperforms the state-of-the-art method in on-router traffic inspection. We also improve and evaluate an Android-based software-defined networking (SDN) system, which shows promising results on securing network traffic in Android applications.

Creator

• Liu, Shuwen

Contributors

• Shue, Craig A.
• Walls, Robert Joseph

Degree

• MS

Unit

• Computer Science

Publisher

• Worcester Polytechnic Institute

Identifier

• etd-104646

Keyword

• Android Operating System
• Opportunistic Middleboxes
• Residential Networks
• Internet-of-Things (IoT)

Advisor

• Shue, Craig A.

Defense date

• 2023-04-18

Year

• 2023

Date created

• 2023-04-24

Resource type

• Thesis

Source

• etd-104646

Rights statement

• In Copyright

Last modified

• 2023-12-05