With an increasing number of Internet of Things (IoT) devices present in homes, there is a rise in the number of potential information leakage channels and their associated security threats and privacy risks. Despite a long history of attacks on IoT devices in unprotected home networks, the problem of accurate, rapid detection and prevention of such attacks remains open. Many existing IoT protection solutions are cloud-based, sometimes ineffective, and might share consumer data with unknown third parties. This paper investigates the potential for effective IoT threat detection locally, on a home router, using AI tools combined with classic rule-based traffic-filtering algorithms. Our results show that with a slight rise of router hardware resources caused by machine learning and traffic filtering logic, a typical home router instrumented with our solution is able to effectively detect risks and protect a typical home IoT network, equaling or outperforming existing popular solutions, without any effects on benign IoT functionality, and without relying on cloud services and third parties.

翻译：随着家庭中物联网设备数量的不断增加，潜在的信息泄露渠道及其相关的安全威胁与隐私风险也随之上升。尽管针对无防护家庭网络中物联网设备的攻击已有较长历史，但如何准确、快速地检测并阻止此类攻击的问题仍未得到解决。许多现有的物联网保护方案基于云端，有时效果不佳，甚至可能将用户数据共享给未知第三方。本文研究了在家庭路由器本地利用人工智能工具结合传统基于规则的流量过滤算法进行有效物联网威胁检测的可行性。结果表明，在机器学习及流量过滤逻辑导致路由器硬件资源略有增加的情况下，搭载我们解决方案的典型家庭路由器能够有效检测风险并保护典型的家庭物联网网络，其性能持平甚至优于现有的主流解决方案，既不影响物联网设备的正常功能，也无需依赖云服务与第三方。