As electronics manufacturers rush to develop new connected gadgets, invariably there is always one thing that falls short; security. We have seen time and time again that connected devices, even though fun and helpful, can have very serious security issues.
These issues could allow attackers to enlist your devices into performing DDOS attacks like Mirai and IoT_reaper, invade your privacy by connecting to your WiFi cameras, or brick your devices using BrickerBot.
To help with this Avira has just launched a new solution called SafeThings, which is a software solution targeted at ISPs and router manufacturers to help protect consumers from poorly secured IoT devices.
The Avira's SafeThings solution is a software component that ISPs and router manufacturers can add to their CPE, or Customer-Premises Equipment, in order to monitor for abnormal behavior in IoT devices and block them if detected. This software is called SafeThings Sentinel and quietly runs in the background in order to discover devices, analyze packet headers, and enforce protection rules on the router.
The Sentinel software on the router would then transmit the gathered data back to Avira's SafeThings Protection Cloud, which uses AI to learn the normal activity of the devices on the network. If it detects any anomalies, it will transmit back instructions on how the SafeThings Sentinel on the CPE should protect the network or alert the user.
When queried about about the potentially increased overhead that this may place on a residential router, Andrei Petrus, the director of IoT for Avira, told Bleeping Computer "SafeThings goes on the router, has no impact on the performance of it, and has insignificant impact on the traffic. That’s because its role is to collect metadata (nothing privacy sensitive) on the network and send it up to the AI powered SafeThins Protection Cloud. There, this data is analyzed with machine and swarm intelligence engines to detect anomalies and enforce back on the router decisions that protect IoT device security and data privacy.".
While these features sound great and will only benefit home users, it still requires ISPs and router manufacturers to get on board first. Though the cost of licensing this software is unknown, there will be advantages to ISPs to incorporate this technology as it will help mitigate the overhead and cost of dealing with DDOS attacks on their networks.
When asked if there were any manufacturers or ISPs currently using this technology, Petrus told Bleeping Computer "We are in talks with some major network operators to integrate Avira SafeThings in their security strategy and product portfolio. On one hand, this will help them keep their pipes clean against DDoS attacks and detect/suppress rogue nodes, and on the other hand Avira SafeThings will enable them to sell additional IoT security services to their customers and differentiate in an aggressive market."
For those who are interested in this technology, you can visit the SafeThings site and at the bottom enter your Internet Service Provider and router manufacturer to check if they support SafeThings. If not, Avira will allow you to provide your email address in order to receive notification when it is available.