Hello, Please find below a draft I'm working on to propose a tool for supporting the vulnerability management in Home/SOHO IoT networks. In this proposal, we compare the network signature of well-known attacks to the communication allowed by MUD (RFC 8520) to identify the exposure of vulnerabilities that can potentially threaten a network. It can be useful for mitigating the damage caused by botnets and DDoS attacks.
Hope to have a great discussion, so don't hesitate to make any questions or comments. ---------- Forwarded message --------- De: <[email protected]> Date: qui., 26 de mai. de 2022 às 07:59 Subject: New Version Notification for draft-morais-iotops-inxu-01.txt To: Sávyo Vinícius de Morais <[email protected]>, Claudio Miceli de Farias < [email protected]> A new version of I-D, draft-morais-iotops-inxu-01.txt has been successfully submitted by Sávyo Vinícius de Morais and posted to the IETF repository. Name: draft-morais-iotops-inxu Revision: 01 Title: Intra-Network eXposure analyzer Utility Specification Document date: 2022-05-26 Group: Individual Submission Pages: 37 URL: https://www.ietf.org/archive/id/draft-morais-iotops-inxu-01.txt Status: https://datatracker.ietf.org/doc/draft-morais-iotops-inxu/ Html: https://www.ietf.org/archive/id/draft-morais-iotops-inxu-01.html Htmlized: https://datatracker.ietf.org/doc/html/draft-morais-iotops-inxu Diff: https://www.ietf.org/rfcdiff?url2=draft-morais-iotops-inxu-01 Abstract: This document proposes the Intra-Network eXposure analyzer Utility (INXU) as a vulnerability management solution for IoT networks. The goal of INXU is to take advantage of the functions of the RFC 8520 to allow a Security Experts Team on protecting multiple heterogeneous IoT networks, even when there is a few or none private information of the networks. INXU identifies and analyzes the capability of an IoT device being exploited by an well known malicious activity. We also propose the Malicious Traffic Description (MTD), a data-model to describe traffic related to malicious activities. The IETF Secretariat -- -- Best regards, Sávyo Morais.
_______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
