Comment by zokier
1 day ago
realistically? not much regular joe can do.
advanced users can segregate all their iot crap into separate network which allows keeping an eye on what goes on in there. but you need to know what your normal safe baseline looks like to be able to identify something weird happening.
of course there is lot of fancy tools built around this topic too, stuff like zeek and suricata almost certainly could be used to identify possible compromises. especially in a separate iot network, which should have otherwise fairly regular traffic patterns. but realistically, idk if anyone has been very successful in implementing such detection.
I recently heard that a group at Cardiff University is moving to commercialize what was their PHD thesis on this topic.
https://orca.cardiff.ac.uk/id/eprint/147062/1/AnoML.pdf
Saw them working on their elevator pitch last week.