Throwing MUD into the FOG: Defending IoT and Fog by expanding MUD to Fog network


Vafa Andalibi, DongInn Kim, and L. Jean Camp, Indiana University Bloomington


Manufacturer Usage Description (MUD) is a proposed IETF standard enabling local area networks (LAN) to automatically configure their access control when adding a new IoT device based on the recommendations provided for that device by the manufacturer. MUD has been proposed as an isolation-based defensive mechanism with a focus on devices in the home, where there is no dedicated network administrator. In this paper, we describe the efficacy of MUD for a generic IoT device under different threat scenarios in the context of the Fog. We propose a method to use rate limiting to prevent end devices from participating in denial of service attacks (DDoS), including against the Fog itself. We illustrate our assumptions by providing a possible real world example and describe the benefits for MUD in the Fog for various stakeholders.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@inproceedings {234809,
author = {Vafa Andalibi and DongInn Kim and L. Jean Camp},
title = {Throwing {MUD} into the {FOG}: Defending {IoT} and Fog by expanding {MUD} to Fog network},
booktitle = {2nd USENIX Workshop on Hot Topics in Edge Computing (HotEdge 19)},
year = {2019},
address = {Renton, WA},
url = {},
publisher = {USENIX Association},
month = jul