IoT-based intrusions and network attacks are becoming ever more concerning. As a mitigatory measure, the IETF standardized Manufacturer Usage Description (MUD) which allows IoT device vendors to specify the legitimate communication patterns (as a MUD profile) of an IoT device. A MUD profile allows the validation of the actual communication pattern of an IoT device with the intended behavior at runtime. However, as the number of IoT devices increases, validation at runtime has scalability challenges in terms of the number of switch resources (e.g., TCAM) required to maintain MUD profiles.In this work, we propose a scalable data plane primitive and a system on top of the primitive, which together enforce MUD profiles of thousands of IoT devices in a P4 programmable switch data plane. Our main idea is to avoid inefficiencies because of the repetition of header values while representing MUD profile-based ACL rules. Further, we exploit the characteristics of header values in ACL rules of real IoT devices and carefully partition the rules across multiple hash-based exact match-action tables in the switch data plane. Since hash-based data structures can be implemented using SRAM which is cheap and abundantly available (order of MBs) in commodity programmable switches, our approach scales well for a large IoT network. © 2023 IEEE.

Praveen Tammana

Department of Computer Science and Engineering

Kotaro Kataoka

S.A. Harish

S. Datta

H. Kothapalli

A. Basuki

S. Manickam

U. Venkanna

Y.-W. Chong

Indian Institute of Technology Hyderabad (IITH) is a premier institute of science and technology established in 2008. IITH has been consistently ranked in the&nbsp;<a href="https://iith.ac.in/reports/" rel="noopener noreferrer">top 10 institutes</a>&nbsp;in India for Engineering&nbsp;<a href="https://www.nirfindia.org/2021/EngineeringRanking.html" rel="noopener noreferrer" target="_blank">according to NIRF</a>&nbsp;making it one of the most coveted schools for science and technology in the country.

IITH offers&nbsp;<a href="https://iith.ac.in/academics/under-graduate/">undergraduate programs</a>&nbsp;in all the classical engineering disciplines, applied sciences, design, as well as several modern interdisciplinary areas. Students are given a flexibility to explore a broad set of areas, and potentially pursue a minor or double major in a discipline that is not their own. Students who wish to seek a deeper understanding of their own discipline are strongly encouraged to get involved in cutting-edge research with the help of a faculty to mentor them, and earn an Honors in their own field.

The very foundation of IIT Hyderabad is based on&nbsp;<a href="https://iith.ac.in/research/">research and innovation</a>. The vibrant research culture is evident from the number of patents and publications that IITH produces consistently every year. IITH offers&nbsp;<a href="https://iith.ac.in/academics/programmes-offered/">graduate programs</a>&nbsp;at both a masters, and a doctoral level, in several diverse areas. There are separate programs for technology, design, science, and liberal arts. The&nbsp;<a href="https://iith.ac.in/academics/post-graduate/">MTech program</a>&nbsp;is offered in various modes and durations to cater to the ever-growing need of postgraduate level professionals in the country.

IITH encourages and supports&nbsp;<a href="https://iic-iith.netlify.app/index.html" rel="noopener noreferrer" target="_blank">innovation and entrepreneurship</a>&nbsp;at every stage. The minor program in entrepreneurship is open to all students of IITH, and many of the courses are offered by industrialists who are entrepreneurs themselves. There are various&nbsp;<a href="https://iith.ac.in/research/centres-incubators/">innovation centers and incubators</a>&nbsp;that promote entrepreneurship and help mentor young innovators. IITH has been very successful in building tie-ups with leading academic institutions around the globe.

IITH enjoys a very special relationship with Japanese universities and industries that goes beyond academic and research collaborations. In fact, some of the iconic buildings in IITH campus will carry the signature of Japanese architecture.

IITH creates a unique holistic ecosystem for education that offers interactive learning, a very flexible academic structure, cutting-edge research, strong industry collaboration, and entrepreneurship. This is an environment which enables students and faculty to translate their dreams into realities.

IIT Hyderabad

Proceedings of IEEE/IFIP Network Operations and Management Symposium 2023, NOMS 2023

Scaling IoT MUD Enforcement using Programmable Data Planes

Journal	Proceedings of IEEE/IFIP Network Operations and Management Symposium 2023, NOMS 2023
Publisher	Institute of Electrical and Electronics Engineers Inc.