INXU - A Security Extension for RFC 8520 to Give Fast Response to New Vulnerabilities on Domestic IoT Networks

  • Sávyo Morais UFRJ
  • Claudio Farias UFRJ


As domestic Internet of Things (DIoT) devices become more popular, the number of devices connected to the Internet increases. It may also represent a risk to the end-user’s security and privacy. The infected devices can be used in DIoT botnets affecting the Internet’s stability. Although there are efforts to enhance IoT security, such as RFC 8520, there still needs for improvements in the DIoT context. To ensure DIoT security, this paper proposes INXU, an extension of RFC 8520 that enables blocking traffic related to well-known malicious activities. INXU introduces the concept of Malicious Traffic Description, a data model to describe traffic related to malicious activities, and enables Security Operation Centers to protect domestic networks.


Al-Shaboti, M., Welch, I., Chen, A., and Mahmood, M. A. (2018). Towards secure smart home iot: Manufacturer and user network access control framework. In 2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA), pages 892–899.

Björklund, M. (2016). The YANG 1.1 Data Modeling Language. RFC 7950.

Enns, R., Björklund, M., Bierman, A., and Schönwälder, J. (2011). Network Conguration Protocol (NETCONF). RFC 6241.

Goutam, S. (2019). Hestia: Simple least privilege network policies for smart homes. Master's thesis, North Carolina State University.

Habibi Gharakheili, H., Sivanathan, A., Hamza, A., and Sivaraman, V. (2019). Network-level security for the internet of things: Opportunities and challenges. Computer, 52(8):58–62.

Hyun, D., Kim, J., Hong, D., and Jeong, J. P. (2017). Sdn-based network security functions for effective ddos attack mitigation. In 2017 International Conference on Information and Communication Technology Convergence (ICTC), pages 834–839.

Jethanandani, M., Agarwal, S., Huang, L., and Blair, D. (2019). YANG Data Model for Network Access Control Lists (ACLs). RFC 8519.

Kolias, C., Kambourakis, G., Stavrou, A., and Voas, J. (2017). DDoS in the IoT: Mirai and Other Botnets. Computer, 50(7):80–84.

Kramp, T., Van Kranenburg, R., and Lange, S. (2013). Introduction to the internet of things. In Enabling Things to Talk, pages 1–10. Springer, Berlin, Heidelberg, Berlin, Heidelberg.

Lear, E., Droms, R., and Romascanu, D. (2019). Manufacturer Usage Description Specication. RFC 8520.

Lin, H. and Bergmann, N. (2016). IoT Privacy and Security Challenges for Smart Home Environments. Information, 7(3):44.

Marzano, A., Alexander, D., Fazzion, E., Fonseca, O., Cunha, I., Hoepers, C., Steding-Jessen, K., Chaves, M. H. P. C., Guedes, D., and Jr., W. M. (2018). Monitoramento e caracterização de botnets bashlite em dispositivos iot. In Anais do XXXVI Simpósio Brasileiro de Redes de Computadores e Sistemas Distribúdos, Porto Alegre, RS, Brasil. SBC.

OWASP (2018). Owasp top 10 internet of things 2018. Acesso em 10/01/2020.

Pires, V. R., Coutinho, F. R., Menasché, D. S., and de Farias, C. M. (2019). Gatos virtuais: detectando e avaliando os impactos da mineração de criptomoedas em infraestrutura pública. In Anais do XIX Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais. SBC.

Rescorla, E. (2000). HTTP Over TLS. RFC 2818.

Schutijser, C. (2018). Towards automated ddos abuse protection using mud device proles. Master's thesis, University of Twente.

van der Meulen, R. (2017). Gartner says 8.4 billion connected "things" will be in use in 2017, up 31 percent from 2016. Disponível em (06/07/2019).
MORAIS, Sávyo; FARIAS, Claudio. INXU - A Security Extension for RFC 8520 to Give Fast Response to New Vulnerabilities on Domestic IoT Networks. In: WORKSHOP PRÉ-IETF (WPIETF), 7. , 2020, Evento Online. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2020 . p. 1-14. ISSN 2595-6388. DOI: