As consumer home automation devices are gaining popularity, more examples exist of these devices being compromised at scale to create large botnets. In this paper, we present Soteria, a specification based IDS/IPS with the aim of reducing the spread and impact of IoT botnets by blocking malicious outbound traffic from a compromised device. We demonstrate Soteria’s ability to block specification-violating network traffic from IoT devices and to alert an IoT device’s manufacturer and owner when the device violates a policy. Furthermore, Soteria’s ability to alert the manufacturer of compromised IoT devices gives manufacturers increased awareness of vulnerabilities being exploited in the wild. We expect that with adoption, Soteria will help limit the spread and impact of IoT botnets.

• This report represents the work of one or more WPI undergraduate students submitted to the faculty as evidence of completion of a degree requirement. WPI routinely publishes these reports on its website without editorial or peer review.

Creator

• LaPointe, Ryan R.
• Maida, Peter Joseph

Publisher

• Worcester Polytechnic Institute

Identifier

• E-project-040220-224246

Advisor

• Shue, Craig A.

Year

• 2020

Date created

• 2020-04-02

Resource type

• Major Qualifying Project

Major

• Computer Science

Rights statement

• In Copyright