Two way Firewall for Internet of Things

University essay from KTH/Skolan för elektro- och systemteknik (EES)

Author: Challa Renuka Venkata Ramani; [2016]


Abstract: The Internet of Things (IoT), an emerging global Internet-based technical architecture, impacts the security and privacy of the stakeholders involved. IoT security is the area of endeavour concerned with safeguarding connected devices and networks in the Internet of Things. It is of utmost importance to allow protected access to IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) and to protect Internet-connected critical infrastructures from wireless hosts within the 6LoWPAN network. The security architecture deployed must ensure resilience to attacks, data authentication, integrity, access control to data and resources, and client privacy. As technology advances, there is a high probability that hackers and intruders will succeed in attacking a network. Hence, security of networks is essential.

This solution counters the attacks by implementing a two-way firewall. It makes a scientific contribution by adding support for the IoT protocols Constrained Application Protocol (CoAP) and Datagram Transport Layer Security (DTLS), which are widely used for communication in IoT networks. If a packet arrives on the CoAP or DTLS port, the firewall scans the packet to see that it conforms to the intended message format. Devices in 6LoWPAN are memory constrained, possessing little RAM, and hence another key contribution of this thesis is that the rules, stored in files, are read directly from file, facilitating minimal use of additional memory. In addition, the decisions of the firewall, i.e. the blacklisted and whitelisted IP addresses, are also saved in files.

The firewall is deployed and evaluated within 6LoWPAN. The power consumption and memory consumption are calculated. Security is evaluated analytically, and it is seen that the true positive rate ranges from 80-95% for DoS (Denial of Service) attacks and 90-100% for IP spoofing attacks. It can be concluded that the firewall can be deployed with very little overhead in terms of memory and power consumption. As an extension to this firewall, parsing of further IoT protocols such as Message Queuing Telemetry Transport (MQTT) and Extensible Messaging and Presence Protocol (XMPP) can be added. Similarly, support for other attack detection algorithms like IP Spoofing and Distributed DoS (DDoS) can be added.
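The message-format check the abstract describes for packets arriving on the CoAP port could look like the following. This is an added example, not code from the thesis: it assumes the CoAP framing of RFC 7252 (4-byte header, token, options, payload marker), and the names `coap_check`, `read_ext` and `SAMPLE_GET` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

enum coap_verdict { COAP_OK = 0, COAP_BAD_HEADER, COAP_BAD_TOKEN,
                    COAP_BAD_OPTION, COAP_BAD_PAYLOAD };

/* Decode an option delta/length nibble plus its extension bytes.
 * Returns 0 and advances *pos, or -1 on a reserved nibble or truncation. */
static int read_ext(const uint8_t *p, size_t len, size_t *pos,
                    unsigned nib, uint32_t *out)
{
    if (nib < 13) { *out = nib; return 0; }
    if (nib == 13 && len - *pos >= 1) {
        *out = 13u + p[(*pos)++];
        return 0;
    }
    if (nib == 14 && len - *pos >= 2) {
        *out = 269u + (((uint32_t)p[*pos] << 8) | p[*pos + 1]);
        *pos += 2;
        return 0;
    }
    return -1;                               /* nibble 15 is reserved */
}

/* Validate framing only; no per-option or per-method semantics are checked. */
enum coap_verdict coap_check(const uint8_t *p, size_t len)
{
    if (len < 4 || (p[0] >> 6) != 1) return COAP_BAD_HEADER;  /* Ver must be 1 */
    unsigned tkl = p[0] & 0x0F;
    if (tkl > 8) return COAP_BAD_TOKEN;                       /* 9-15 reserved */
    if (p[1] == 0)                       /* Empty message: header only, no token */
        return (tkl == 0 && len == 4) ? COAP_OK : COAP_BAD_HEADER;
    size_t pos = 4;
    if (len - pos < tkl) return COAP_BAD_TOKEN;               /* token truncated */
    pos += tkl;
    while (pos < len) {
        uint8_t b = p[pos++];
        if (b == 0xFF)                   /* payload marker needs >= 1 payload byte */
            return (pos < len) ? COAP_OK : COAP_BAD_PAYLOAD;
        uint32_t delta, olen;
        if (read_ext(p, len, &pos, b >> 4, &delta) ||
            read_ext(p, len, &pos, b & 0x0F, &olen) || len - pos < olen)
            return COAP_BAD_OPTION;
        pos += olen;                     /* skip the option value */
    }
    return COAP_OK;
}

/* Constructed sample: CON GET, message ID 0x1234, token 0xAB, Uri-Path "temp". */
static const uint8_t SAMPLE_GET[] = { 0x41, 0x01, 0x12, 0x34, 0xAB,
                                      0xB4, 't', 'e', 'm', 'p' };
int main(void) { return coap_check(SAMPLE_GET, sizeof SAMPLE_GET); }
```

Every length comparison is done before the corresponding read, so a truncated or malformed datagram is rejected without reading past the buffer, which matters on the memory-constrained nodes the abstract targets.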
