``Deep Dive into the IoT Backend Ecosystem"
Said Jawad Saidi, Srdjan Matic, Oliver Gasser, Georgios Smaragdakis, and Anja Feldmann.
ACM IMC 2022.

Internet of Things (IoT) devices are becoming increasingly ubiquitous, e.g., at home, enterprise environments, and production lines. To support the advanced functionalities of IoT devices, IoT vendors, as well as service and cloud companies, operate IoT backends---the focus of this paper. We propose a methodology to identify and locate them by (a) compiling a list of domains used exclusively by major IoT backend providers and (b) then identifying their server IP addresses. We rely on multiple sources, including IoT backend provider documentation, passive DNS data, and active scanning. For analyzing IoT traffic patterns, we rely on passive network flows from a major European ISP.

Our analysis focuses on the top IoT backends in terms of revenue and unveils diverse operational strategies---from operating their own infrastructure to utilizing the public cloud. We find that the majority of the top IoT backend providers are located in multiple locations and countries. Still, a handful are located only in one country, which could raise regulatory scrutiny as the client IoT devices are located in other regions. Indeed, our analysis shows that up to 30% of IoT traffic is exchanged with IoT backend servers in other continents. We also find that at least six of the top IoT backends rely on other IoT backend providers. We also evaluate if cascading effects among the IoT backend providers are possible in the event of an outage, a misconfiguration, or an attack.

Paper           :
bibtex          : [bibtex.html]