Secure the Internet, one home at a time

The rapid growth of residential broadband connections and Internet-enabled home devices have driven the success of many useful applications such as video streaming and remote healthcare. However, poorly managed routers and connected devices in the home are vulnerable under persistent threats and exploitations from cyber attackers across the Internet who continuously identify, compromise, and control devices as part of botnets for launching click fraud, denial of service attacks, spam campaigns. These growing threats and broad damages have made it imperative to understand, characterize, filter, and reduce exploit traffic towards millions of home routers and billions of connected devices in the home. This paper presents a bloom-filter based analytics framework to capture persistent threats towards the same home routers and to identify correlated attacks towards distributed home networks. Our experimental results based on network traffic collected from real homes over 18months have revealed a number of interesting findings on persistent and correlated threats towards home networks, which calls for improved security and management of home networks. To the best of our knowledge, this paper is the first effort to characterize cyber threats towards home networks and to propose a simple and yet effective approach to identify persistent and aggressive attacks towards home networks.