MUD Related Resources
The following links provide resources to MUD-related information, including standards, tools, implementations, research papers, and articles.
Certain commercial entities, equipment, or materials may be identified in this website or linked websites in order to support MUD understanding and use. Such identification is not intended to imply recommendation or endorsement by NIST, nor is it intended to imply that the entities, materials, or equipment are necessarily the best available for the purpose.
MUD Standard
- RFC 8520, Manufacturer Usage Description Specification
MUD File Service
- GlobalPlatform MUD File Service, help device manufacturers publish the MUD file library associated with their products
MUD Working Group
- IETF Operations and Management Area Working Group (opsawg)
Related Standards
- RFC 5652, Cryptographic Message Syntax (CMS) (used to sign MUD files)
- RFC 7950, The YANG 1.1 Data Modeling Language (the MUD file uses this to express what sort of communications a device is designed to have):
- RFC 8259, The JavaScript Object Notation (JSON) Data Interchange Format (a serialization format used in MUD files):
- RFC 8519, YANG Data Model for Network Access Control Lists (ACLs) (the YANG modules provided in the MUD Specification, RFC 8520, are extensions of this YANG data model for ACLs):
- RFC 7951, JSON Encoding of Data Modeled with YANG (A MUD file consists of a YANG model instance that has been serialized in JSON):
MUD Implementation
- Cisco DevNet MUD site, with a MUD Overview and Developers Guide:
- Cisco MUD-Manager Version 3.0 Open-Source GitHub repository:
- NIST MUD Open-Source Github Repository
- CableLabs Micronets Open-Source Github Repository
Tools
- MUD Maker tool: used for creating a MUD file for an IoT device
- MUD Visualizer: A tool to aid in visualizing, reading, and validating MUD files
- Cisco MUD URL Validator Open-Source GitHub Repository: used to validate that MUD URLs are properly formed
- University of New South Wales MUDGEE MUD Profile Generator: tool for generating a device’s MUD Profile based on its traffic trace (PCAP)
- Shan Wang – IoT Hub Project: Design, build, and evaluate a home IoT Hub to help manage and secure IoT devices using MUD and other techniques
- NCCoE MUD-PD: A tool for characterizing IoT devices particularly for use with MUD, helpful in generating MUD files
MUD Research Papers
- Verifying and Monitoring IoT's Network Behavior Using MUD Profiles
- Detecting Volumetric Attacks on IoT Devices via SDN-Based Monitoring of MUD Activity
- Clear as MUD: Generating, Validating and Applying IoT Behavioral Profiles
- Combining MUD Policies with SDN for IoT Intrusion Detection
- Throwing MUD into the FOG: Defending IoT and Fog by expanding MUD to Fog network
- NFV-based IoT Security for Home Networks using MUD
News/Web/Blog Articles
- IETF Journal - Managing the Internet of Things – It’s All About Scaling
- IETF News - Help managing the growing number of Things on our networks has arrived
- Eliot Lear – Yet another IoT bug
- Federal News Network - NIST updating cyber guidance as agencies continue to adopt internet of things
- UsableSecurity MUD Page
Conferences
- IETF 105 Hackathon - July 20 and 21, 2019
- IETF 109 Hackathon – November 9 - 13, 2020
- NCCoE Trusted IoT Device Network-Layer Onboarding and Lifecycle Management Workshop – October 26, 2020