IoT device identification via network-flow based fingerprinting and learning

SA Hamad, WE Zhang, QZ Sheng… - 2019 18th IEEE …, 2019 - ieeexplore.ieee.org
2019 18th IEEE international conference on trust, security and …, 2019 - ieeexplore.ieee.org
Nowadays, an increasing number of intelligent devices and smart sensors are connected by Internet of Things (IoT) techniques, and have helped people to manage and improve their lives. However, security issues are emerging in IoT, among which things identification is one of the challenges, in that various solutions of different vendors, standards, protocols and community groups coexist. In this paper, we address the challenge of IoT device identification by analyzing a sequence of packets from its high-level network traffic, i.e., network-flow data, and extract unique flow-based features to create a fingerprint for each device. We adopt supervised machine learning techniques for the identification task. The proposed approach can automatically identify white-listed device types and individual device instances connected to a network. Moreover, we propose a security system model design that enables enforcement of rules for constraining the IoT device communications as per their given privileges. Unknown or suspicious devices with abnormal behaviour can be identified, and their communication is restricted for further monitoring. We show that the presented approach is effective in identifying white-listed device types with average accuracy up to 90.3%, which is a 9.3% increase compared with the state-of-the-art technique. Individual device instances having the same model and vendor, as well as unknown devices, are correctly identified with minimal performance overhead.