MUDirect: Protecting P2P IoT Devices with MUD

Manufacturer Usage Description (MUD) is a new, whitelist-based cybersecurity standard that was recently proposed by the IETF to cope with the huge attack surface and a constantly increasing number of IoT devices connected to the Internet. MUD allows the IoT manufacturers themselves to publish the legitimate communication patterns of their devices, making it easier for security devices to enforce this policy, filter out non-complying traffic, and block a device in case it has been compromised. Typically, MUD includes a set of legitimate endpoints, specified either by domain names or by IP addresses, along with the legitimate port numbers and protocols. While these descriptions are adequate when IoT devices connect (as clients) to servers (e.g., services in the cloud), they cannot adequately describe the cases where IoT devices act as servers to which endpoints connect. These endpoints (e.g., users' mobile devices) typically do not have fixed IP addresses, nor do they associate with a domain name. In this case, accounting for 78 % of IoT devices we have surveyed, MUD degrades nowadays to allow all possible endpoints and cannot mitigate any attack. In this work, we evaluate this phenomenon and show it has a high prevalence today, thus harming dramatically the MUD framework security efficiency. We then present a solution, MUDirect, which en-hances the MUD framework to deal with these cases while preserving the current MUD specification. Finally, we have implemented our solution (extending the existing osMUD implementation) and showed that it enables P2P IoT devices protection while having minimal changes to the osMUD code.