Automated Identification of Vulnerable Devices in Networks using Traffic Data and Deep Learning

• URL: http://arxiv.org/abs/2102.08199v1
• Date: Tue, 16 Feb 2021 14:49:34 GMT
• Title: Automated Identification of Vulnerable Devices in Networks using Traffic Data and Deep Learning
• Authors: Jakob Greis, Artem Yushchenko, Daniel Vogel, Michael Meier and Volker Steinhage
• Abstract summary: Device-type identification combined with data from vulnerability databases can pinpoint vulnerable IoT devices in a network. We present and evaluate two deep learning approaches to the reliable IoT device-type identification.
• Score: 30.536369182792516
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Many IoT devices are vulnerable to attacks due to flawed security designs and lacking mechanisms for firmware updates or patches to eliminate the security vulnerabilities. Device-type identification combined with data from vulnerability databases can pinpoint vulnerable IoT devices in a network and can be used to constrain the communications of vulnerable devices for preventing damage. In this contribution, we present and evaluate two deep learning approaches to the reliable IoT device-type identification, namely a recurrent and a convolutional network architecture. Both deep learning approaches show accuracies of 97% and 98%, respectively, and thereby outperform an up-to-date IoT device-type identification approach using hand-crafted fingerprint features obtaining an accuracy of 82%. The runtime performance for the IoT identification of both deep learning approaches outperforms the hand-crafted approach by three magnitudes. Finally, importance metrics explain the results of both deep learning approaches in terms of the utilization of the analyzed traffic data flow.

Related papers

• Locality Sensitive Hashing for Network Traffic Fingerprinting [5.062312533373298]
  We use locality-sensitive hashing (LSH) for network traffic fingerprinting. Our method increases the accuracy of state-of-the-art by 12% achieving around 94% accuracy in identifying devices in a network.
  arXiv  Detail & Related papers  (2024-02-12T21:14:37Z)
• Domain-Agnostic Hardware Fingerprinting-Based Device Identifier for Zero-Trust IoT Security [7.8344795632171325]
  Next-generation networks aim for comprehensive connectivity, interconnecting humans, machines, devices, and systems seamlessly. To address this challenge, the Zero Trust (ZT) paradigm emerges as a key method for safeguarding network integrity and data confidentiality. This work introduces EPS-CNN, a novel deep-learning-based wireless device identification framework.
  arXiv  Detail & Related papers  (2024-02-08T00:23:42Z)
• Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
  We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
  arXiv  Detail & Related papers  (2024-01-22T14:16:37Z)
• Effective Intrusion Detection in Highly Imbalanced IoT Networks with Lightweight S2CGAN-IDS [48.353590166168686]
  Internet of Things (IoT) networks contain benign traffic far more than abnormal traffic, with some rare attacks. Most existing studies have been focused on sacrificing the detection rate of the majority class in order to improve the detection rate of the minority class. We propose a lightweight framework named S2CGAN-IDS to expand the number of minority categories in both data space and feature space.
  arXiv  Detail & Related papers  (2023-06-06T14:19:23Z)
• IoT Device Identification Based on Network Communication Analysis Using Deep Learning [43.0717346071013]
  The risk of attacks on an organization's network has increased due to the growing use of less secure IoT devices. To tackle this threat and protect their networks, organizations generally implement security policies in which only white listed IoT devices are allowed on the network. In this research, deep learning is applied to network communication for the automated identification of IoT devices permitted on the network.
  arXiv  Detail & Related papers  (2023-03-02T13:44:58Z)
• OMINACS: Online ML-Based IoT Network Attack Detection and Classification System [0.0]
  This paper proposes an online attack detection and network traffic classification system. It combines stream Machine Learning, Deep Learning, and Ensemble Learning technique. It can detect the presence of malicious traffic flows and classify them according to the type of attack they represent.
  arXiv  Detail & Related papers  (2023-02-18T04:06:24Z)
• Unsupervised Ensemble Based Deep Learning Approach for Attack Detection in IoT Network [0.0]
  Internet of Things (IoT) has altered living by controlling devices/things over the Internet. To bring down the IoT network, attackers can utilise these devices to conduct a variety of network attacks. In this paper, we have developed an unsupervised ensemble learning model that is able to detect new or unknown attacks in an IoT network from an unlabelled dataset.
  arXiv  Detail & Related papers  (2022-07-16T11:12:32Z)
• Intrusion Detection using Network Traffic Profiling and Machine Learning for IoT [2.309914459672557]
  A single compromised device can have an impact on the whole network and lead to major security and physical damages. This paper explores the potential of using network profiling and machine learning to secure IoT against cyber-attacks.
  arXiv  Detail & Related papers  (2021-09-06T15:30:10Z)
• Lightweight Collaborative Anomaly Detection for the IoT using Blockchain [40.52854197326305]
  Internet of things (IoT) devices tend to have many vulnerabilities which can be exploited by an attacker. Unsupervised techniques, such as anomaly detection, can be used to secure these devices in a plug-and-protect manner. We present a distributed IoT simulation platform, which consists of 48 Raspberry Pis.
  arXiv  Detail & Related papers  (2020-06-18T14:50:08Z)
• IoT Device Identification Using Deep Learning [43.0717346071013]
  The growing use of IoT devices in organizations has increased the number of attack vectors available to attackers. The widely adopted bring your own device (BYOD) policy which allows an employee to bring any IoT device into the workplace and attach it to an organization's network also increases the risk of attacks. In this study, we applied deep learning on network traffic to automatically identify IoT devices connected to the network.
  arXiv  Detail & Related papers  (2020-02-25T12:24:49Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.