{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,12]],"date-time":"2026-03-12T15:36:36Z","timestamp":1773329796725,"version":"3.50.1"},"reference-count":41,"publisher":"Privacy Enhancing Technologies Symposium Advisory Board","issue":"4","license":[{"start":{"date-parts":[[2021,7,23]],"date-time":"2021-07-23T00:00:00Z","timestamp":1626998400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by-nc-nd\/3.0"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021,10,1]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>Despite the prevalence of Internet of Things (IoT) devices, there is little information about the purpose and risks of the Internet traffic these devices generate, and consumers have limited options for controlling those risks. A key open question is whether one can mitigate these risks by automatically blocking some of the Internet connections from IoT devices, without rendering the devices inoperable.<\/jats:p>\n               <jats:p>In this paper, we address this question by developing a rigorous methodology that relies on automated IoT-device experimentation to reveal which network connections (and the information they expose) are essential, and which are not. We further develop strategies to <jats:italic>automatically<\/jats:italic> classify network traffic destinations as either required (<jats:italic>i.e.<\/jats:italic>, their traffic is <jats:italic>essential<\/jats:italic> for devices to work properly) or not, hence allowing firewall rules to block traffic sent to non-required destinations without breaking the functionality of the device. We find that indeed 16 among the 31 devices we tested have at least one blockable non-required destination, with the maximum number of blockable destinations for a device being 11. We further analyze the destination of network traffic and find that all third parties observed in our experiments are blockable, while first and support parties are neither uniformly required or non-required. Finally, we demonstrate the limitations of existing blocklists on IoT traffic, propose a set of guidelines for automatically limiting non-essential IoT traffic, and we develop a prototype system that implements these guidelines.<\/jats:p>","DOI":"10.2478\/popets-2021-0075","type":"journal-article","created":{"date-parts":[[2021,7,24]],"date-time":"2021-07-24T23:18:28Z","timestamp":1627168708000},"page":"369-388","source":"Crossref","is-referenced-by-count":39,"title":["Blocking Without Breaking: Identification and Mitigation of Non-Essential IoT Traffic"],"prefix":"10.56553","volume":"2021","author":[{"given":"Anna Maria","family":"Mandalari","sequence":"first","affiliation":[{"name":"Imperial College London"}]},{"given":"Daniel J.","family":"Dubois","sequence":"additional","affiliation":[{"name":"Northeastern University"}]},{"given":"Roman","family":"Kolcun","sequence":"additional","affiliation":[{"name":"Imperial College London"}]},{"given":"Muhammad Talha","family":"Paracha","sequence":"additional","affiliation":[{"name":"Northeastern University"}]},{"given":"Hamed","family":"Haddadi","sequence":"additional","affiliation":[{"name":"Imperial College London"}]},{"given":"David","family":"Choffnes","sequence":"additional","affiliation":[{"name":"Northeastern University"}]}],"member":"35752","published-online":{"date-parts":[[2021,7,23]]},"reference":[{"key":"2022051409225060202_j_popets-2021-0075_ref_001","unstructured":"[1] IoT Analytics, \u201cIoT 2019 in review: The 10 most relevant IoT developments of the year,\u201d https:\/\/iot-analytics.com\/iot-2019-in-review\/, [Online; accessed Nov. 2020]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_002","doi-asserted-by":"crossref","unstructured":"[2] J. Ren, D. J. Dubois, D. Choffnes, A. M. Mandalari, R. Kolcun, and H. Haddadi, \u201cInformation exposure from consumer IoT devices: A multidimensional, network-informed measurement approach,\u201d in Proceedings of the Internet Measurement Conference, 2019.10.1145\/3355369.3355577","DOI":"10.1145\/3355369.3355577"},{"key":"2022051409225060202_j_popets-2021-0075_ref_003","doi-asserted-by":"crossref","unstructured":"[3] H. Mohajeri Moghaddam, G. Acar, B. Burgess, A. Mathur, D. Y. Huang, N. Feamster, E. W. Felten, P. Mittal, and A. Narayanan, \u201cWatching you watch: The tracking ecosystem of over-the-top TV streaming devices,\u201d in CCS\u201919, 2019.10.1145\/3319535.3354198","DOI":"10.1145\/3319535.3354198"},{"key":"2022051409225060202_j_popets-2021-0075_ref_004","doi-asserted-by":"crossref","unstructured":"[4] J. Varmarken, H. Le, A. Shuba, A. Markopoulou, and Z. Shafiq, \u201cThe TV is smart and full of trackers: Measuring smart TV advertising and tracking,\u201d PETS\u201920, vol. 2020, no. 2, pp. 129\u2013154, 2020.","DOI":"10.2478\/popets-2020-0021"},{"key":"2022051409225060202_j_popets-2021-0075_ref_005","doi-asserted-by":"crossref","unstructured":"[5] S. J. Saidi, A. M. Mandalari, R. Kolcun, H. Haddadi, D. J. Dubois, D. Choffnes, G. Smaragdakis, and A. Feldmann, \u201cA haystack full of needles: Scalable detection of IoT devices in the wild,\u201d in IMC\u201920, 2020, pp. 87\u2013100.10.1145\/3419394.3423650","DOI":"10.1145\/3419394.3423650"},{"key":"2022051409225060202_j_popets-2021-0075_ref_006","unstructured":"[6] Pi-Hole: A black hole for Internet advertisements, https:\/\/pi-hole.net\/, [Online; accessed Nov. 2020]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_007","unstructured":"[7] ico., \u201cPrinciple (c): Data minimisation,\u201d https:\/\/ico.org.uk\/for-organisations\/guide-to-data-protection\/guide-to-the-general-data-protection-regulation-gdpr\/principles\/data-minimisation\/, [Online; accessed Nov. 2020]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_008","unstructured":"[8] \u2014\u2014, \u201cPrinciple (b): Purpose limitation,\u201d https:\/\/ico.org.uk\/for-organisations\/guide-to-data-protection\/guide-to-the-general-data-protection-regulation-gdpr\/principles\/purpose-limitation\/, [Online; accessed Mar. 2021]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_009","unstructured":"[9] IFTTT, Inc., \u201cIFTTT helps every thing work better together,\u201d https:\/\/ifttt.com, [Online; accessed Mar. 2021]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_010","unstructured":"[10] SmartThings, Inc., \u201cSmartThings: One simple home system. A world of possibilities.\u201d https:\/\/www.smartthings.com, [Online; accessed Mar. 2021]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_011","unstructured":"[11] Roku Inc., \u201cRoku Developer Documentation: Development Environment Overview,\u201d https:\/\/sdkdocs.roku.com\/display\/sdkdoc\/Development+Environment+Overview, [Online; accessed Feb. 2021]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_012","unstructured":"[12] Amazon.com Inc., \u201cDeveloper Tools Menu (Fire TV),\u201d https:\/\/developer.amazon.com\/docs\/fire-tv\/developer-tools.html, [Online; accessed Feb. 2021]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_013","doi-asserted-by":"crossref","unstructured":"[13] R. Trimananda, J. Varmarken, A. Markopoulou, and B. Demsky, \u201cPacket-level signatures for smart home device events,\u201d in NDSS\u201920, 2020.10.14722\/ndss.2020.24097","DOI":"10.14722\/ndss.2020.24097"},{"key":"2022051409225060202_j_popets-2021-0075_ref_014","doi-asserted-by":"crossref","unstructured":"[14] A. Acar, H. Fereidooni, T. Abera, A. K. Sikder, M. Miettinen, H. Aksu, M. Conti, A.-R. Sadeghi, and S. Uluagac, \u201cPeek-a-Boo: I see your smart home activities, even encrypted!\u201d in WiSec\u201920, 2020, p. 207\u2013218. [Online]. Available: https:\/\/doi.org\/10.1145\/3395351.339942110.1145\/3395351.3399421","DOI":"10.1145\/3395351.3399421"},{"key":"2022051409225060202_j_popets-2021-0075_ref_015","unstructured":"[15] Pi-Hole LLC Blocking Mode, https:\/\/docs.pi-hole.net\/ftldns\/blockingmode, [Online; accessed Nov. 2020]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_016","unstructured":"[16] WaLLy3K, \u201cThe big blocklist collection,\u201d https:\/\/firebog.net, [Online; accessed Nov. 2020]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_017","unstructured":"[17] Mother of All AD-BLOCKING, \u201cThe big blocklist collection,\u201d https:\/\/forum.xda-developers.com\/showthread.php?t=1916098, [Online; accessed Nov. 2020]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_018","unstructured":"[18] Kromtech Alliance Corp, \u201cStopad for TV,\u201d https:\/\/stopad.io\/, [Online; accessed Nov. 2020]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_019","doi-asserted-by":"crossref","unstructured":"[19] Ashish Kumar Singh and V. Potdar, \u201cBlocking online advertising - a state of the art,\u201d in 2009 IEEE International Conference on Industrial Technology, Feb 2009, pp. 1\u201310.10.1109\/ICIT.2009.4939739","DOI":"10.1109\/ICIT.2009.4939739"},{"key":"2022051409225060202_j_popets-2021-0075_ref_020","unstructured":"[20] Consumer Reports, \u201cHome security cameras from top brands lack basic digital security measures,\u201d https:\/\/www.consumerreports.org\/wireless-security-cameras\/home-security-cameras-from-top-brands-lack-basic-digital-security-measures\/, [Online; accessed Nov. 2020]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_021","doi-asserted-by":"crossref","unstructured":"[21] A. Subahi and G. Theodorakopoulos, \u201cEnsuring compliance of IoT devices with their privacy policy agreement,\u201d in FiCloud\u201918. IEEE, 2018, pp. 100\u2013107.10.1109\/FiCloud.2018.00022","DOI":"10.1109\/FiCloud.2018.00022"},{"key":"2022051409225060202_j_popets-2021-0075_ref_022","unstructured":"[22] C. Welch, \u201cI guess I have to watch ads everywhere on my $1,500 LG TV now,\u201d https:\/\/www.theverge.com\/tldr\/2021\/3\/10\/22323790\/lg-oled-tv-commercials-content-store, [Online; accessed Mar. 2021]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_023","unstructured":"[23] R. Nithyanand, S. Khattak, M. Javed, N. Vallina-Rodriguez, M. Falahrastegar, J. E. Powles, E. De Cristofaro, H. Haddadi, and S. J. Murdoch, \u201cAdblocking and counter blocking: A slice of the arms race,\u201d in 6th USENIX Workshop on Free and Open Communications on the Internet (FOCI 16), 2016."},{"key":"2022051409225060202_j_popets-2021-0075_ref_024","doi-asserted-by":"crossref","unstructured":"[24] E. Lear, R. Droms, and D. Romascanu, \u201cRFC 8520: Manufacturer usage description specification,\u201d 2019.10.17487\/RFC8520","DOI":"10.17487\/RFC8520"},{"key":"2022051409225060202_j_popets-2021-0075_ref_025","doi-asserted-by":"crossref","unstructured":"[25] A. Hamza, D. Ranathunga, H. H. Gharakheili, M. Roughan, and V. Sivaraman, \u201cClear as MUD: Generating, validating and applying IoT behavioral profiles,\u201d in SIGCOMM \u201918 Workshop on IoT S&P, 2018.10.1145\/3229565.3229566","DOI":"10.1145\/3229565.3229566"},{"key":"2022051409225060202_j_popets-2021-0075_ref_026","doi-asserted-by":"crossref","unstructured":"[26] C. Haar and E. Buchmann, \u201cFANE: A firewall appliance for the smart home,\u201d in FedCSIS \u201919, 2019, pp. 449\u2013458.10.15439\/2019F177","DOI":"10.15439\/2019F177"},{"key":"2022051409225060202_j_popets-2021-0075_ref_027","doi-asserted-by":"crossref","unstructured":"[27] A. K. Simpson, F. Roesner, and T. Kohno, \u201cSecuring vulnerable home IoT devices with an in-hub security manager,\u201d in PerCom \u201917 Workshops, 2017, pp. 551\u2013556.10.1109\/PERCOMW.2017.7917622","DOI":"10.1109\/PERCOMW.2017.7917622"},{"key":"2022051409225060202_j_popets-2021-0075_ref_028","doi-asserted-by":"crossref","unstructured":"[28] N. Gupta, V. Naik, and S. Sengupta, \u201cA firewall for internet of things,\u201d in 2017 9th International Conference on Communication Systems and Networks (COMSNETS), 2017, pp. 411\u2013412.10.1109\/COMSNETS.2017.7945418","DOI":"10.1109\/COMSNETS.2017.7945418"},{"key":"2022051409225060202_j_popets-2021-0075_ref_029","doi-asserted-by":"crossref","unstructured":"[29] J. Habibi, D. Midi, A. Mudgerikar, and E. Bertino, \u201cHeimdall: Mitigating the internet of insecure things,\u201d IEEE Internet of Things Journal, vol. 4, no. 4, pp. 968\u2013978, 2017.10.1109\/JIOT.2017.2704093","DOI":"10.1109\/JIOT.2017.2704093"},{"key":"2022051409225060202_j_popets-2021-0075_ref_030","doi-asserted-by":"crossref","unstructured":"[30] E. Lastdrager, C. Hesselman, J. Jansen, and M. Davids, \u201cProtecting home networks from insecure IoT devices,\u201d in NOMS 2020, 2020, pp. 1\u20136.10.1109\/NOMS47738.2020.9110419","DOI":"10.1109\/NOMS47738.2020.9110419"},{"key":"2022051409225060202_j_popets-2021-0075_ref_031","unstructured":"[31] ShieldIOT, https:\/\/shieldiot.io\/, [Online; accessed Nov. 2020]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_032","unstructured":"[32] Fingbox, https:\/\/www.fing.com\/, [Online; accessed Nov. 2020]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_033","unstructured":"[33] Bitdefender, https:\/\/www.bitdefender.com\/iot\/, [Online; accessed Nov. 2020]."},{"key":"2022051409225060202_j_popets-2021-0075_ref_034","doi-asserted-by":"crossref","unstructured":"[34] D. Y. Huang, N. Apthorpe, F. Li, G. Acar, and N. Feamster, \u201cIoT inspector: Crowdsourcing labeled network traffic from smart home devices at scale,\u201d Proc. ACM Interact. Mob. Wearable Ubiquitous Technol., vol. 4, no. 2, Jun. 2020.10.1145\/3397333","DOI":"10.1145\/3397333"},{"key":"2022051409225060202_j_popets-2021-0075_ref_035","unstructured":"[35] N. Apthorpe, D. Reisman, and N. Feamster, \u201cA smart home is no castle: Privacy vulnerabilities of encrypted IoT traffic,\u201d DAT\u201916, 2016. [Online]. Available: http:\/\/arxiv.org\/abs\/1705.06805"},{"key":"2022051409225060202_j_popets-2021-0075_ref_036","doi-asserted-by":"crossref","unstructured":"[36] H. Tahaei, F. Afifi, A. Asemi, F. Zaki, and N. B. Anuar, \u201cThe rise of traffic classification in IoT networks: A survey,\u201d Journal of Network and Computer Applications, vol. 154, p. 102538, 2020. [Online]. Available: http:\/\/www.sciencedirect.com\/science\/article\/pii\/S108480452030012610.1016\/j.jnca.2020.102538","DOI":"10.1016\/j.jnca.2020.102538"},{"key":"2022051409225060202_j_popets-2021-0075_ref_037","doi-asserted-by":"crossref","unstructured":"[37] Y. Meidan, M. Bohadana, A. Shabtai, J. D. Guarnizo, M. Ochoa, N. O. Tippenhauer, and Y. Elovici, \u201cProfilIoT: A machine learning approach for IoT device identification based on network traffic analysis,\u201d in SAC \u201917, 2017, pp. 506\u2013509. [Online]. Available: https:\/\/doi.org\/10.1145\/3019612.301987810.1145\/3019612.3019878","DOI":"10.1145\/3019612.3019878"},{"key":"2022051409225060202_j_popets-2021-0075_ref_038","doi-asserted-by":"crossref","unstructured":"[38] M. Miettinen, S. Marchal, I. Hafeez, N. Asokan, A. Sadeghi, and S. Tarkoma, \u201cIoT SENTINEL: Automated device-type identification for security enforcement in IoT,\u201d in ICDCS\u201917, 2017, pp. 2177\u20132184.10.1109\/ICDCS.2017.283","DOI":"10.1109\/ICDCS.2017.283"},{"key":"2022051409225060202_j_popets-2021-0075_ref_039","doi-asserted-by":"crossref","unstructured":"[39] I. Hafeez, M. Antikainen, A. Y. Ding, and S. Tarkoma, \u201cIoT-KEEPER: Detecting malicious IoT network activity using online traffic analysis at the edge,\u201d IEEE Transactions on Network and Service Management, vol. 17, no. 1, pp. 45\u201359, 2020.10.1109\/TNSM.2020.2966951","DOI":"10.1109\/TNSM.2020.2966951"},{"key":"2022051409225060202_j_popets-2021-0075_ref_040","doi-asserted-by":"crossref","unstructured":"[40] N. Apthorpe, D. Y. Huang, D. Reisman, A. Narayanan, and N. Feamster, \u201cKeeping the smart home private with smart(er) IoT traffic shaping,\u201d PETS, vol. 2019, no. 3, pp. 128 \u2013 148, 2019. [Online]. Available: https:\/\/content.sciendo.com\/view\/journals\/popets\/2019\/3\/article-p128.xml10.2478\/popets-2019-0040","DOI":"10.2478\/popets-2019-0040"},{"key":"2022051409225060202_j_popets-2021-0075_ref_041","doi-asserted-by":"crossref","unstructured":"[41] A. Alshehri, J. Granley, and C. Yue, \u201cAttacking and protecting tunneled traffic of smart home devices,\u201d in CODASPY \u201920, 2020, p. 259\u2013270.10.1145\/3374664.3375723","DOI":"10.1145\/3374664.3375723"}],"container-title":["Proceedings on Privacy Enhancing Technologies"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.sciendo.com\/pdf\/10.2478\/popets-2021-0075","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,20]],"date-time":"2022-07-20T16:31:44Z","timestamp":1658334704000},"score":1,"resource":{"primary":{"URL":"https:\/\/petsymposium.org\/popets\/2021\/popets-2021-0075.php"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,7,23]]},"references-count":41,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2021,7,23]]},"published-print":{"date-parts":[[2021,10,1]]}},"alternative-id":["10.2478\/popets-2021-0075"],"URL":"https:\/\/doi.org\/10.2478\/popets-2021-0075","relation":{},"ISSN":["2299-0984"],"issn-type":[{"value":"2299-0984","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,7,23]]}}}