Manufacturer Usage Description (MUD)

Defending the IoT devices in home environment

IoT devices are highly susceptible to cyber attacks and, compared to conventional software, they are usually an easier target for vulnerability hunting and eventually pwning. A proper defense against this is to set up a fine-grained firewall that only allows each IoT device to communicate with a set of predefined destinations. For instance, a smart bulb would not need to communicate with a smart toaster, and a smart crock-pot should not communicate with www.i-am-safe.com.

Creating the rules for such a firewall is beyond the knowledge of an end user or even a super user. Even an experienced sysadmin would get frustrated maintaining such a firewall, since the communication destinations of each IoT device might change throughout its lifetime. Introducing MUD: a mechanism for a fine-grained firewall that installs and maintains itself, providing "a means for end devices to signal to the network what sort of access and network functionality they require to properly function" [1].

MUD works from a usage description defined by the manufacturer, hence the name Manufacturer Usage Description. The manufacturer of a device knows better than anyone which destinations the device is supposed to initiate communication with, and which domains or services it should respond to. Using this description, a smart bulb manufacturer that knows its products will never communicate with any domain other than the company's own can have that rule enforced on whatever network the device is later deployed in.
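To make the "usage description becomes firewall rules" step concrete, here is an added example (not code from the MUD specification or from any vendor) that takes a constructed MUD file for a hypothetical smart bulb and derives a per-device rule set with an implicit default deny. The file follows the JSON layout used by the specification ("ietf-mud:mud" with from-device-policy / to-device-policy, and "ietf-access-control-list:acls" with ACEs); the vendor name lighting.example.com, the ACL names and the ACE contents are all assumptions. Only DNS-name, protocol and port matches are resolved; the MUD abstractions that need network context (controller, same-manufacturer, local-networks, ...) are rejected rather than silently allowed.

```python
"""Derive per-device firewall rules from a MUD file (added example, hypothetical vendor)."""
import json

# Constructed sample MUD file for a hypothetical smart bulb (vendor: lighting.example.com).
# The bulb may only talk to api.lighting.example.com over TCP/443, in connections it initiates.
MUD_FILE = json.dumps({
    "ietf-mud:mud": {
        "mud-version": 1,
        "mud-url": "https://lighting.example.com/bulb-2000",  # assumed URL
        "last-update": "2020-01-01T00:00:00+00:00",
        "cache-validity": 48,
        "is-supported": True,
        "systeminfo": "Hypothetical smart bulb",
        "from-device-policy": {"access-lists": {"access-list": [{"name": "mud-bulb-fr"}]}},
        "to-device-policy": {"access-lists": {"access-list": [{"name": "mud-bulb-to"}]}},
    },
    "ietf-access-control-list:acls": {"acl": [
        {"name": "mud-bulb-fr", "type": "ipv4-acl-type", "aces": {"ace": [{
            "name": "cloud-fr",
            "matches": {
                "ipv4": {"ietf-acldns:dst-dnsname": "api.lighting.example.com", "protocol": 6},
                "tcp": {"ietf-mud:direction-initiated": "from-device",
                        "destination-port": {"operator": "eq", "port": 443}},
            },
            "actions": {"forwarding": "accept"},
        }]}},
        {"name": "mud-bulb-to", "type": "ipv4-acl-type", "aces": {"ace": [{
            "name": "cloud-to",
            "matches": {
                "ipv4": {"ietf-acldns:src-dnsname": "api.lighting.example.com", "protocol": 6},
                "tcp": {"ietf-mud:direction-initiated": "from-device",
                        "source-port": {"operator": "eq", "port": 443}},
            },
            "actions": {"forwarding": "accept"},
        }]}},
    ]},
})

PROTO_NAMES = {6: "tcp", 17: "udp"}
# Abstractions the network (not this script) has to resolve: refuse instead of guessing.
UNSUPPORTED = ("controller", "my-controller", "same-manufacturer",
               "manufacturer", "model", "local-networks")


def _ace_to_rule(ace, direction):
    """Flatten one ACE into a rule dict; raise on abstractions that need network context."""
    matches = ace["matches"]
    ip = matches.get("ipv4") or matches.get("ipv6") or {}
    for key in UNSUPPORTED:
        if key in matches.get("ietf-mud:mud", {}):
            raise ValueError(f"ace {ace['name']}: '{key}' is not resolved by this example")
    proto = PROTO_NAMES.get(ip.get("protocol"), "any")
    l4 = matches.get(proto, {})
    # from-device rules match on the destination, to-device rules on the source.
    port_key = "destination-port" if direction == "from-device" else "source-port"
    name_key = "ietf-acldns:dst-dnsname" if direction == "from-device" else "ietf-acldns:src-dnsname"
    return {
        "direction": direction,
        "peer": ip.get(name_key, "any"),
        "proto": proto,
        "port": l4.get(port_key, {}).get("port"),
        "action": ace["actions"]["forwarding"],
    }


def mud_to_rules(mud_json):
    """Expand the policies referenced by the MUD file into an ordered rule list ending in deny."""
    doc = json.loads(mud_json)
    mud = doc["ietf-mud:mud"]
    acls = {a["name"]: a for a in doc["ietf-access-control-list:acls"]["acl"]}
    rules = []
    for policy, direction in (("from-device-policy", "from-device"), ("to-device-policy", "to-device")):
        for ref in mud[policy]["access-lists"]["access-list"]:
            acl = acls[ref["name"]]  # KeyError if the file references an ACL it never defines
            for ace in acl["aces"]["ace"]:
                rules.append(_ace_to_rule(ace, direction))
    # MUD semantics: anything not explicitly accepted is dropped.
    for direction in ("from-device", "to-device"):
        rules.append({"direction": direction, "peer": "any", "proto": "any", "port": None, "action": "drop"})
    return rules


def is_allowed(rules, direction, peer, proto, port):
    """First-match evaluation, the way a firewall would apply the generated rules."""
    for r in rules:
        if r["direction"] != direction or r["peer"] not in ("any", peer):
            continue
        if r["proto"] not in ("any", proto) or (r["port"] is not None and r["port"] != port):
            continue
        return r["action"] == "accept"
    return False


if __name__ == "__main__":
    rules = mud_to_rules(MUD_FILE)
    for r in rules:
        print(r)
    print(is_allowed(rules, "from-device", "api.lighting.example.com", "tcp", 443))  # True
    print(is_allowed(rules, "from-device", "www.i-am-safe.com", "tcp", 443))  # False
```

The point of the default-deny entries at the end is the one the text makes: once the manufacturer has declared the only legitimate peer, every other destination (the smart toaster, www.i-am-safe.com) is dropped without anyone on the home network having to write a rule for it.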

References

[1] https://tools.ietf.org/html/draft-ietf-opsawg-mud-25