SAC105 - The DNS and the Internet of Things: Opportunities, Risks, and Challenges

The Internet of Things (IoT) promises to enhance our daily lives by seamlessly and autonomously sensing and acting upon our physical environment through tens of billions of connected devices. While this makes the IoT vastly different from traditional Internet applications like email and web browsing, we expect that a significant number of IoT deployments will use the DNS to locate remote services that they need, for instance to enable telemetry data transmission and collection for monitoring and analysis of sensor data. In this report, the SSAC provides a discussion on the interplay between the DNS and the IoT, arguing that the IoT represents both an opportunity and a risk to the DNS. It is an opportunity because the DNS provides functions and data that can help make the IoT more secure, stable, and transparent, which is critical given the IoT's interaction with the physical world. It is a risk because various measurement studies suggest that IoT devices may stress the DNS, for instance, because of complex DDoS attacks carried out by botnets that grow to hundreds of thousands or in the future millions of infected IoT devices within hours. We also identify and discuss five challenges for the DNS and IoT industries (e.g., DNS and IoT operators and software developers) to address these opportunities and risks, for instance by making the DNS’s security functions (e.g., response verification and encryption) available on popular IoT operating systems and by developing a shared system that allows different DNS operators to automatically and continually exchange data on IoT botnet activity.

• Networking