Sounding the Bell for Improving Internet (of Things) Security

The fragility of the Internet of Things (iot) ecosystem poses serious threats to Internet security, and the proliferation of iot devices only exacerbates this situation by providing vulnerable end-points to be exploited and used as attack sources. While industry and academia are working hard on designing innovative solutions to detect, mitigate and thwart massive botnet-based ddos attacks, the space of solutions appears disjoint and fragmented. The lack of cooperation between the iot device manufacturers, network operators, content providers, end users, and other players precipitates in point solutions which offer at best a veneer of security. In this paper we alert the community to the security challenges posed by the fragile iot ecosystem, discuss the space of solutions, and present the need for a distributed, concerted effort, e.g., among end users, ISPs, and CDNs, to improve Internet security. We do not claim to solve the problem, but offer design guidelines and discuss the key implementation challenges to inform the debates on iot security.