Extending a dynamic IoT firewall tool : Integration of TLS and MQTT Protocols for Smart Home Security

Details

Supervisors

Sadre, Ramin

Faculty

Ecole polytechnique de Louvain

Degree label

Master [120] en cybersécurité, à finalité spécialisée: conception et analyse de systèmes

Abstract

enThe rapid expansion of the Internet of Things (IoT) has transformed modern living, particularly through the rise of Smart Homes. However, this convenience introduces critical security challenges, as IoT devices increasingly transmit sensitive data. This thesis contributes to enhancing IoT security by extending a recently proposed firewall tool—built on NFTables, the modern Linux packet filtering framework—to support two key protocols: MQTT and TLS. The extension to MQTT, a lightweight messaging protocol widely used in IoT, proved highly effective in profiling traffic and preventing attacks beyond the capabilities of existing solutions like the MUD standard. Conversely, integrating support for the TLS cryptographic protocol revealed significant limitations due to the tool’s current design, which struggles with encrypted traffic profiling and requires manual configuration. Despite these challenges, partial success with specific packet types demonstrates the potential for future improvements. The results highlight the firewall's greater adaptability to IoT-specific protocols and the need for further development to robustly support general-purpose encryption protocols like TLS.