MUDIS: MUD Inspection System

Anat Bremler-Barr, Bar Meyuhas, Ran Shister
IEEE/IFIP NOMS,
2022
Poster and brief announcement
Internet of Things (IoT)

Abstract

The Manufacturer Usage Description (MUD) is an IETF white-list protection scheme that formalizes the authorized network behavior in a MUD file; this MUD file can then be used as a type of firewall mechanism.

This demo introduces MUDIS, a MUD Inspection System that inspects the network behavior of devices, based on their formal description in the MUD file. We present several use-cases in which MUDIS is useful, including examining the impact of device location, the impact of a firmware update, the correlation of network behavior between different devices of the same manufacture, and more.

MUDIS inspects two MUD files, clusters together and graph- ically visualizes identical, similar, and dissimilar rules. It then calculates a similarity score that measures the similarity between them both. It also generalizes the two MUD files where possible, such that the resulting generalized MUD covers all the permitted (white-list) network behavior for both MUDs.

Our open-source MUDIS tool and proof-of-concept dataset are available for researchers and IoT manufacturers, allowing anyone to gain meaningful insights over the network behavior of IoT devices.

Video

@INPROCEEDINGS{222052,
AUTHOR=”Ran Shister and Anat Bremler-Barr and Bar Meyuhas”,
TITLE=”MUDIS: MUD Inspection System”,
BOOKTITLE=”Demo Sessions of NOMS 2022 () “,
ADDRESS=””,
DAYS=”25-29″,
MONTH=”apr”,
YEAR=”2022″,
}