IoT Device Characterization

Securing a network is a complex task made all the more challenging when IoT devices are connected to it because the expected communication behaviors of each IoT device are unknown.

An approach for determining and documenting the device types and communication behaviors of IoT devices connected to a network

This cybersecurity paper demonstrates how to use device characterization techniques to describe the communication requirements of IoT devices, in support of the Manufacturer Usage Description (MUD) project. The MUD specification supports development of MUD files that define expected and permitted network activity and behavior. Accurately generating a MUD file for a networked device requires a comprehensive picture of the device’s potential actions.
Status: Reviewing Comments

The public comment period has closed for the cybersecurity paper titled Methodology for Characterizing Network Behavior of Internet of Things Devices. Thank you to everyone who shared their feedback with us. We are currently reviewing the comments received.

Project Abstract

The goal is to demonstrate how to use device characterization techniques to describe the communication requirements of IoT devices. This publication focuses on the capture of network communications involving IoT devices necessary to generate MUD files. MUD provides a standard way to specify the network communications that a device requires to perform its intended function. The methodology seeks to allow for analysis of the full range of IoT device network traffic behaviors that can reasonably be expected. This includes examining a variety of factors that could potentially alter an IoT device’s behavior at each stage of the device’s lifecycle.

MUD provides a standard way to specify the network communications that a device requires to perform its intended function.

Supplemental Resources

A Companion Tool

NCCoE created a tool called MUD-PD for characterizing IoT devices particularly for use with MUD. 

Access the tool
Metal arrow pointing upward

Join the Community of Interest

A Community of Interest (COI) is a group of professionals and advisors who share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Share your expertise and consider becoming a member of this project's COI. 

Request to Join
Employee speaking on video call with colleagues on online briefing with laptop at home