Full Program »
Is Visualization Enough? Evaluating the Efficacy of MUD-Visualizer in Enabling Ease of Deployment for Manufacturer Usage Description (MUD)
The IETF Manufacturer Usage Description (MUD) standard was designed to protect IoT devices through network micro-segmentation. In practice, this is implemented using per-device access control that is defined by the manufacturer. This access control is embedded in a "MUD-File", which is transferred to the user's network during the onboarding process, and may contain from one to hundreds of rules. Validating these rules for each device can be a challenge, particularly when devices are interacting. In response, MUD-Visualizer was designed to simplify the validation of individual and interacting MUD-Files through straightforward visualizations. In this work, we report on an evaluation of the usability and efficacy of MUD-Visualizer. The results illustrate that not only it is more usable compared to manual analysis, but the participants that used MUD-Visualizer also had more accurate results in less time.