TY - GEN
T1 - IoT device identification via network-flow based fingerprinting and learning
AU - Hamad, Salma Abdalla
AU - Zhang, Wei Emma
AU - Sheng, Quan Z.
AU - Nepal, Surya
PY - 2019/8/1
Y1 - 2019/8/1
N2 - Nowadays, an increasing number of intelligent devices and smart sensors are connected by Internet of Things (IoT) techniques, and have helped people to manage and improve their lives. However, security issues are emerging in IoT, among which things identification is one of the challenges in that various solutions of different vendors, standards, protocols and community groups coexist. In this paper, we address the challenge of IoT device identification by analyzing a sequence of packets from its high-level network traffic, i.e., network-flow data, and extracting unique flow-based features to create a fingerprint for each device. We adopt supervised machine learning techniques for the identification task. The proposed approach can automatically identify white-listed device types and individual device instances connected to a network. Moreover, we propose a security system model design that enables enforcement of rules for constraining the IoT device communications as per their given privileges. Unknown or suspicious devices with abnormal behaviour can be identified, and their communication is restricted for further monitoring. We show that the presented approach is effective in identifying white-listed device types with average accuracy up to 90.3%, which is a 9.3% increase compared with the state-of-the-art technique. Individual device instances having the same model and vendor as well as unknown devices are correctly identified with minimal performance overhead.
KW - Automatic IoT Authentication
KW - Fingerprinting
KW - IoT Identification
KW - IoT Security
KW - Machine Learning
UR - http://www.scopus.com/inward/record.url?scp=85075160731&partnerID=8YFLogxK
U2 - 10.1109/TrustCom/BigDataSE.2019.00023
DO - 10.1109/TrustCom/BigDataSE.2019.00023
M3 - Conference proceeding contribution
T3 - IEEE Trustcom BigDataSE ISPA
SP - 103
EP - 111
BT - Proceedings - 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering, TrustCom/BigDataSE 2019
PB - Institute of Electrical and Electronics Engineers (IEEE)
CY - Los Alamitos, CA
T2 - 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering, TrustCom/BigDataSE 2019
Y2 - 5 August 2019 through 8 August 2019
ER -