BoDMitM: Botnet Detection and Mitigation System for Home Router Base on MUD

Abstract

Less protected Internet of Things (IoT) devices are a threat to the stability of the Internet. These IoT devices are being used for Distributed Denial of Service (DDoS) attacks. Due to these reasons safety and security of IoT devices are challenged. This reduces the trust of smart devices users and also damage the operation of the global Internet. In order to reduce these threats, the Manufacture Usage Description(MUD )is a work of RFC8520 and IETF. The idea behind Manufacture Usage Description (MUD) is that once an IoT device connect to a network, the device tells the network what kind of network access it needs to perform its function. But Manufacture Usage Description (MUD) only has limited ability to provide access to devices. There is a need for a system with the following requirement: The system should provide an automatic anomaly detection system in order to secure IoT devices. The system should be able to send alert to device owner in case of anomaly detection. The system should automatically mitigate the detected anomalies and should provide real time monitoring of network traffic based on graphic user interface (GUI). Our proposed solution fulfill the above requirements. This research paper present BoDMitM: Botnet Detection and Mitigation System For Home Router Based on Manufacture Usage Description( MUD). The proposed system has ability to automatically detect an attack. After detection of attack sends alert to device owner and block anomaly activity in order to secure IoT devices. Results show 99% accuracy in terms of the proposed system's success. The proposed system successfully detects a botnet, generate real time alert and mitigate the attack source.