Title of invention: Router based securing of internet of things devices on local area networks
Abstract: IoT devices are secured on multiple local area networks. Each local network contains a router which monitors activities of IoT devices, and transmits corresponding information to a backend server. The backend amalgamates this information, calculates dynamic reputation scores, and determines expected authorized activities for specific IoT devices. Based thereon, the backend creates a constraint profile for each IoT device, and transmits the constraint profiles to the routers for enforcement. Enforcing a constraint profile can include creating multiple VLANs with varying levels of restricted privileges on a given local area network, and isolating various IoT devices in specific VLANs based on their reputation scores. Constraint profiles can specify to enforce specific firewall rules, and/or to limit an IoT device's communication to specific domains and ports, and/or to specific content. The backend continues to receive monitored information concerning IoT devices from multiple routers over time, and periodically updates constraint profiles.
Publication number: US9565192(B2) Publication date: 2017.02.07
Application number: US201514747896 Filing date: 2015.06.23
Applicant: Symantec Corporation Inventors: Chillappa Srinivas;McCorkendale Bruce
Classification: G06F9/00;H04L29/06 Main classification: G06F9/00
Agency: Patent Law Works LLP Agent: Patent Law Works LLP
Main claim: 1. A method implemented on a backend server computer for securing internet of things (IoT) devices on a plurality of local area networks, each one of the plurality of the local area networks comprising a router and multiple computing devices, the method comprising: receiving, by the backend server computer from the routers of the multiple ones of the plurality of local area networks, information concerning monitored activities of multiple IoT devices on the multiple ones of the plurality of local area networks; amalgamating, by the backend server computer, information concerning monitored activities of multiple IoT devices received from the routers of the multiple ones of the plurality of local area networks over time; calculating, by the backend server computer for each specific IoT device for which information concerning monitored activities is received, a dynamic reputation score quantifying trustworthiness of the specific IoT device, based on at least amalgamated information concerning monitored activities of the specific IoT device; determining, by the backend server computer for each specific IoT device for which information concerning monitored activities is received, activities the specific IoT device performs in order to execute authorized functionality, based on at least amalgamated information concerning monitored activities of the specific IoT device; creating a constraint profile for each specific IoT device for which information concerning monitored activities is received, based on at least a corresponding reputation score and corresponding determined activities, by the backend server computer, each constraint profile comprising local area network level directives specifying how to enable the corresponding IoT device to execute authorized functionality while maintaining local area network level security; wherein creating a constraint profile for a specific IoT device based on at least a corresponding reputation score and corresponding determined activities further comprises: testing the specific IoT device for security vulnerabilities; and configuring the constraint profile to protect against at least one discovered security vulnerability; and transmitting the created constraint profiles to the routers of the plurality of local area networks, by the backend server computer.
Address: Mountain View CA US