Date Published: October 2017
Comments Due: October 25, 2017 (public comment period is CLOSED)
Email Questions to: iot-ddos-nccoe@nist.gov
Author(s)
Tim Polk (NIST), Murugiah Souppaya (NIST), William Barker (Dakota Consulting)
Announcement
The objective of this project is to reduce the vulnerability
of Internet of Things (IoT) devices to botnets and other
automated distributed threats, while limiting the utility of
compromised IoT devices to malicious actors. The
scenarios envisioned for this NCCoE project emphasize home
and small-business applications, where plug-and-play
deployment is required. In one scenario, a home network
includes IoT devices that interact with external systems to
access secure updates and various cloud services, in
addition to interacting with traditional personal computing
devices. In a second scenario, a small retail business
employs IoT devices for security, building management, and
retail sales, as well as computing devices for business
operations, while simultaneously allowing customers to
access the internet.
The primary technical elements of this project include:
- network gateways/routers supporting wired and wireless network access;
- Manufacturer Usage Description (MUD) Specification controllers and file servers;
- Dynamic Host Configuration Protocol (DHCP) and update servers;
- threat signaling servers;
- personal computing devices; and
- business computing devices.
While the security capabilities of these components will not
provide perfect security, they will significantly increase
the effort required by malicious actors to compromise and
exploit IoT devices on a home or small-business network.
This project will result in a freely available NIST
Cybersecurity Practice Guide.
The building block objective is to reduce the
vulnerability of Internet of Things (IoT) devices to
botnets and other automated distributed threats,
while limiting the utility of compromised IoT
devices to malicious actors. The primary technical
elements of this building block include network
gateways/routers supporting wired and wireless
network access, Manufacturer Usage Description (MUD)
Specification controllers and file servers, Dynamic
Host Configuration Protocol (DHCP) and update
servers, threat signaling servers, personal
computing devices, and business computing devices.
The security capabilities of these components will
not provide perfect security, but will significantly
increase the effort required by malicious actors to
compromise and exploit IoT devices on a home or
small-business network. The scenarios envisioned for
this NCCoE building block emphasize home and small-business
applications, where plug-and-play deployment is
required. In one scenario, a home network includes
IoT devices that interact with external systems to
access secure updates and various cloud services, in
addition to interacting with traditional personal
computing devices. In a second scenario, a small
retail business employs IoT devices for security,
building management, and retail sales, as well as
computing devices for business operations, while
simultaneously allowing customers to access the
internet. This project will result in a freely
available NIST Cybersecurity Practice Guide.
Keywords
botnets; internet of things (IoT); manufacturer usage description (MUD); router; server; software update server; threat signaling