Related papers: Is this IoT Device Likely to be Secure? Risk Score Prediction for IoT Devices Using Gradient Boosting Machines

Is this IoT Device Likely to be Secure? Risk Score Prediction for IoT Devices Using Gradient Boosting Machines

URL: http://arxiv.org/abs/2111.11874v1
Date: Tue, 23 Nov 2021 13:41:29 GMT
Title: Is this IoT Device Likely to be Secure? Risk Score Prediction for IoT Devices Using Gradient Boosting Machines
Authors: Carlos A. Rivera A., Arash Shaghaghi, David D. Nguyen, Salil S. Kanhere
Abstract summary: Security risk assessment and prediction are critical for organisations deploying Internet of Things (IoT) devices. This paper proposes a novel risk prediction for IoT devices based on publicly available information about them.
Score: 11.177584118932572
License: http://creativecommons.org/licenses/by-nc-nd/4.0/
Abstract: Security risk assessment and prediction are critical for organisations deploying Internet of Things (IoT) devices. An absolute minimum requirement for enterprises is to verify the security risk of IoT devices for the reported vulnerabilities in the National Vulnerability Database (NVD). This paper proposes a novel risk prediction for IoT devices based on publicly available information about them. Our solution provides an easy and cost-efficient solution for enterprises of all sizes to predict the security risk of deploying new IoT devices. After an extensive analysis of the NVD records over the past eight years, we have created a unique, systematic, and balanced dataset for vulnerable IoT devices, including key technical features complemented with functional and descriptive features available from public resources. We then use machine learning classification models such as Gradient Boosting Decision Trees (GBDT) over this dataset and achieve 71% prediction accuracy in classifying the severity of device vulnerability score.

Related papers

Domain-Agnostic Hardware Fingerprinting-Based Device Identifier for Zero-Trust IoT Security [7.8344795632171325]
Next-generation networks aim for comprehensive connectivity, interconnecting humans, machines, devices, and systems seamlessly. To address this challenge, the Zero Trust (ZT) paradigm emerges as a key method for safeguarding network integrity and data confidentiality. This work introduces EPS-CNN, a novel deep-learning-based wireless device identification framework.
arXiv Detail & Related papers (2024-02-08T00:23:42Z)
Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z)
Classification of cyber attacks on IoT and ubiquitous computing devices [49.1574468325115]
This paper provides a classification of IoT malware. Major targets and used exploits for attacks are identified and referred to the specific malware. The majority of current IoT attacks continue to be of comparably low effort and level of sophistication and could be mitigated by existing technical measures.
arXiv Detail & Related papers (2023-12-01T16:10:43Z)
CNN based IoT Device Identification [0.0]
We present a method that identifies devices in the Aalto dataset using the convolutional neural network (CNN) In this study, we present a method that identifies devices in the Aalto dataset using the convolutional neural network (CNN)
arXiv Detail & Related papers (2023-04-27T00:37:16Z)
IoT Device Identification Based on Network Communication Analysis Using Deep Learning [43.0717346071013]
The risk of attacks on an organization's network has increased due to the growing use of less secure IoT devices. To tackle this threat and protect their networks, organizations generally implement security policies in which only white listed IoT devices are allowed on the network. In this research, deep learning is applied to network communication for the automated identification of IoT devices permitted on the network.
arXiv Detail & Related papers (2023-03-02T13:44:58Z)
Automated Identification of Vulnerable Devices in Networks using Traffic Data and Deep Learning [30.536369182792516]
Device-type identification combined with data from vulnerability databases can pinpoint vulnerable IoT devices in a network. We present and evaluate two deep learning approaches to the reliable IoT device-type identification.
arXiv Detail & Related papers (2021-02-16T14:49:34Z)
Optimizing Resource-Efficiency for Federated Edge Intelligence in IoT Networks [96.24723959137218]
We study an edge intelligence-based IoT network in which a set of edge servers learn a shared model using federated learning (FL) We propose a novel framework, called federated edge intelligence (FEI), that allows edge servers to evaluate the required number of data samples according to the energy cost of the IoT network. We prove that our proposed algorithm does not cause any data leakage nor disclose any topological information of the IoT network.
arXiv Detail & Related papers (2020-11-25T12:51:59Z)
The Case for Retraining of ML Models for IoT Device Identification at the Edge [0.026215338446228163]
We show how to identify IoT devices based on their network behavior using resources available at the edge of the network. It is possible to achieve device identification and categorization with over 80% and 90% accuracy respectively at the edge.
arXiv Detail & Related papers (2020-11-17T13:01:04Z)
Zero-Bias Deep Learning for Accurate Identification of Internet of Things (IoT) Devices [20.449229983283736]
We propose an enhanced deep learning framework for IoT device identification using physical layer signals. We have evaluated the effectiveness of the proposed framework using real data from ADS-B (Automatic Dependent Surveillance-Broadcast), an application of IoT in aviation.
arXiv Detail & Related papers (2020-08-27T20:50:48Z)
Predictive Maintenance for Edge-Based Sensor Networks: A Deep Reinforcement Learning Approach [68.40429597811071]
The risk of unplanned equipment downtime can be minimized through Predictive Maintenance of revenue generating assets. A model-free Deep Reinforcement Learning algorithm is proposed for predictive equipment maintenance from an equipment-based sensor network context. Unlike traditional black-box regression models, the proposed algorithm self-learns an optimal maintenance policy and provides actionable recommendation for each equipment.
arXiv Detail & Related papers (2020-07-07T10:00:32Z)
IoT Device Identification Using Deep Learning [43.0717346071013]
The growing use of IoT devices in organizations has increased the number of attack vectors available to attackers. The widely adopted bring your own device (BYOD) policy which allows an employee to bring any IoT device into the workplace and attach it to an organization's network also increases the risk of attacks. In this study, we applied deep learning on network traffic to automatically identify IoT devices connected to the network.
arXiv Detail & Related papers (2020-02-25T12:24:49Z)

This list is automatically generated from the titles and abstracts of the papers in this site.