Conference Paper
Hestia: Simple Least Privilege Network Policies for Smart Homes
Sanket Goutam, William Enck, and Bradley Reaves
Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2019
Classifies smart home devices as controllers or non-controllers to generate least-privilege network policies that isolate compromised IoT devices.
Abstract
Smart home devices are notoriously vulnerable to being exploited in many different ways. The current best practices for securing smart homes against vulnerable devices compromising each other suggest using separate WiFi networks, one for all the IoT devices and one for users’ personal computing devices. But this increases the network management overhead for an average user. Ideally, to prevent device compromises, an explicit network policy should be defined for each individual device that controls its functionality within the local network. While access control specifications, like MUD, for IoT devices have been proposed, there is no guarantee of them being readily available anytime soon. To this end we present Hestia, a network policy design that provides default network access, based on the principle of least privilege, to devices in smart homes. Hestia uses a classification of devices as controllers and non-controllers to create these policies, with controllers being the devices that receive user commands to execute actions on non-controllers. We validate Hestia’s policies against a large public data set of smart home devices and find that it accurately preserves selective network isolation for all devices on the local network without affecting their functionality. We prototype Hestia as an SDN controller, with the generated least privilege policies installed as OpenFlow rules on the wireless access point. Through selective network isolation, Hestia provides smart home owners with an effective way to readily enforce least privilege access control for their devices, thereby acting as a default network security measure for smart homes.
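As an added illustration, not code from the paper, the controller/non-controller classification above turned into pairwise flow entries with a default deny. The abstract gives only the classification, so the exact pairwise rule (controllers may talk to anything, non-controllers only to controllers), the ovs-ofctl-style match format and the sample devices are assumptions.

```python
from dataclasses import dataclass
from itertools import permutations

CONTROLLER = "controller"          # receives user commands (hub, phone app)
NON_CONTROLLER = "non-controller"  # only acts on commands (bulb, plug, camera)

@dataclass(frozen=True)
class Device:
    name: str
    mac: str   # constructed sample MAC address
    role: str

def allowed(src: Device, dst: Device) -> bool:
    """Pairwise least-privilege rule derived from the classification.
    Assumption (the page gives the classification, not the rule table):
    a controller may initiate traffic to any device; a non-controller may
    only talk to controllers, so two non-controllers are always isolated."""
    if src.role == CONTROLLER:
        return True
    return dst.role == CONTROLLER

def generate_policy(devices):
    """Expand the pairwise rule into flow entries plus a default drop.
    ovs-ofctl style match strings are used here as an illustration; the
    format the paper loads into the access point is not on this page."""
    entries = []
    for src, dst in permutations(devices, 2):
        action = "normal" if allowed(src, dst) else "drop"
        entries.append(f"priority=100,dl_src={src.mac},dl_dst={dst.mac},actions={action}")
    entries.append("priority=0,actions=drop")  # least privilege: deny by default
    return entries

def reachable_from(compromised: Device, devices):
    """Names of the devices a compromised device can still send to."""
    return {d.name for d in devices if d != compromised and allowed(compromised, d)}

# Constructed sample home: one controller and three non-controllers.
HOME = [
    Device("hub", "02:00:00:00:00:01", CONTROLLER),
    Device("bulb", "02:00:00:00:00:02", NON_CONTROLLER),
    Device("plug", "02:00:00:00:00:03", NON_CONTROLLER),
    Device("camera", "02:00:00:00:00:04", NON_CONTROLLER),
]

if __name__ == "__main__":
    for entry in generate_policy(HOME):
        print(entry)
    print("compromised bulb can reach:", reachable_from(HOME[1], HOME))
```

With the sample home, a compromised bulb can still only reach the hub, while the hub keeps its command path to every device.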
Citation (IEEE)
S. Goutam, W. Enck, and B. Reaves, “Hestia: Simple Least Privilege Network Policies for Smart Homes,” in Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2019.
BibTeX
@inproceedings{ger19,
author = {{Sanket Goutam} and {William Enck} and {Bradley Reaves}},
booktitle = {{Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks}},
date = {2019-05},
keywords = {short},
title = {Hestia: Simple Least Privilege Network Policies for Smart Homes},
}