Reducing DNS Traffic to Enhance Home IoT Device Privacy Articles uri icon

publication date

  • May 2024

start page

  • 1

end page

  • 22

issue

  • 9

volume

  • 24

International Standard Serial Number (ISSN)

  • 1424-3210

Electronic International Standard Serial Number (EISSN)

  • 1424-8220

abstract

  • The deployment of Internet of Things (IoT) devices is widespread in different environments, including homes. Although security is incorporated, homes can become targets for cyberattacks because of their vulnerabilities. IoT devices generate Domain Name Server (DNS) traffic primarily for communication with Internet servers. In this paper, we present a detailed analysis of DNS traffic from IoT devices. The queried domains are highly distinctive, enabling attackers to easily identify the IoT device. In addition, we observed an unexpectedly high volume of queries. The analysis reveals that the same domains are repeatedly queried, DNS queries are transmitted in plain text over User Datagram Protocol (UDP) port 53 (Do53), and the excessive generation of traffic poses a security risk by amplifying an attackers ability to identify IoT devices and execute more precise, targeted attacks, consequently escalating the potential compromise of the entire IoT ecosystem. We propose a simple measure that can be taken to reduce DNS traffic generated by IoT devices, thus preventing it from being used as a vector to identify the types of devices present in the network. This measure is based on the implementation of the DNS cache in the devices; caching few resources increases privacy considerably.

subjects

  • Telecommunications

keywords

  • dns; iot privacy; network traffic