Abstract
The Internet of Things (IoT) introduced the opportunity of remotely manipulating home appliances (such as heating systems, ovens, blinds, etc.) using computers and mobile devices. This idea fascinated people and originated a boom of IoT devices together with an increasing demand that was difficult to support. Many manufacturers quickly created hundreds of devices implementing functionalities but neglected some critical issues pertaining to device security. This oversight gave rise to the current situation where thousands of devices remain unpatched having many security issues that manufacturers cannot address after the devices have been produced and deployed. This article presents our novel research protecting IOT devices using Berkeley Packet Filters (BPFs) and evaluates our findings with the aid of our Filter.tlk tool, which is able to facilitate the development of BPF expressions that can be executed by GNU/Linux systems with a low impact on network packet throughput.
Highlights
Introduction and motivationThe evolution of Internet and communication networks from their emergence in the sixties to today has enabled a revolution in the way people and businesses interact
We have introduced an easy-to-use framework designed to aid in the development of fast firewalls based on using Berkeley Packet Filters (BPFs), which can be executed by using standard firewall capabilities included in the Linux kernel (IPTables/Netfilter)
Bytecode can drastically speed up the execution of firewalls, we designed a collection of tools to facilitate the inclusion of BPF into firewalling rules
Summary
Introduction and motivationThe evolution of Internet and communication networks from their emergence in the sixties to today has enabled a revolution in the way people and businesses interact. People today communicate worldwide using mobile devices, which have a reliable broadband (4G) Internet connection Despite these great advances, Aceto et al [1] note that network outages are still a challenge to solve because they are frequent, hard to fix, expensive and, in particular, poorly understood by users. In the well-known Linux operating system, firewall capabilities have been provided primarily through packet filtering technology, and have evolved from a Netfilter ipfw system port (included in Linux kernel 1.1) to netfilter/iptables (included in Linux 2.4 kernel series) This evolution entailed the introduction of significant innovations such as the tracking of TCP connections or the possibility of altering packets in transit (mangle table). Despite the popularity of these filters, netfilter/iptables firewalling subsystem will be replaced in order to speed up filtering process and increase the information achieved for each packet to filter (such as payload information)
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
