Internet service providers can only detect the traffic of the network and they can only find out about Denial-of-service attack (DDOS ) attack once the attack has been executed (Dickson, 2020). Internet of Things (IoT) devices such smart cameras, lightbulb, fridge, and baby monitoring systems has a weak security and can be easily used to execute DDOS attack.
It is harder for the internet service provider (ISP) to find out about the vulnerable devices since they are behind the network address translation (NAT). The IoT devices also shares a common public address which makes it more complicated or the ISP to find out about any vulnerable IoT device within any home network.
To discover any vulnerable device within the network an detector can be placed between the router and the Optical Network Terminal (Dickson, 2020). The detector can be installed as an Raspberry Pi which will detect the traffic from the router and verify if there are any vulnerable IoT device within the network by comparing the CVE and NVD list of known vulnerability for home IoT devices. Once the vulnerable device is found then the detector can send an patch for the vulnerability and ISP can inform the user regarding the detecting and patching of their IoT device.
References:
Dickson, B. 2020. Artificial intelligence can stop IoT-based DDoS attacks in their tracks – research. Retrieved from: https://portswigger.net/daily-swig/artificial-intelligence-can-stop-iot-based-ddos-attacks-in-their-tracks-research
This is a great read. IoT devices are quickly becoming the Achilles heal in many networks for attackers to exploit. It is nice to hear that there are devices being created to help mitigate attacks against IoT devices. I remember hearing a story a few years ago about a casino that was breached because the attackers leveraged a vulnerability in an IoT air-conditioning system.