Communication Traffic Characteristics Reveal an IoT Devices Identity

• URL: http://arxiv.org/abs/2402.16173v1
• Date: Sun, 25 Feb 2024 18:58:09 GMT
• Title: Communication Traffic Characteristics Reveal an IoT Devices Identity
• Authors: Rajarshi Roy Chowdhury, Debashish Roy, and Pg Emeroylariffion Abas
• Abstract summary: This paper proposes a machine learning-based device fingerprinting (DFP) model for identifying network-connected IoT devices. Experimental results have shown that the proposed DFP method achieves over 98% in classifying individual IoT devices.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Internet of Things (IoT) is one of the technological advancements of the twenty-first century which can improve living standards. However, it also imposes new types of security challenges, including device authentication, traffic types classification, and malicious traffic identification, in the network domain. Traditionally, internet protocol (IP) and media access control (MAC) addresses are utilized for identifying network-connected devices in a network, whilst these addressing schemes are prone to be compromised, including spoofing attacks and MAC randomization. Therefore, device identification using only explicit identifiers is a challenging task. Accurate device identification plays a key role in securing a network. In this paper, a supervised machine learning-based device fingerprinting (DFP) model has been proposed for identifying network-connected IoT devices using only communication traffic characteristics (or implicit identifiers). A single transmission control protocol/internet protocol (TCP/IP) packet header features have been utilized for generating unique fingerprints, with the fingerprints represented as a vector of 22 features. Experimental results have shown that the proposed DFP method achieves over 98% in classifying individual IoT devices using the UNSW dataset with 22 smart-home IoT devices. This signifies that the proposed approach is invaluable to network operators in making their networks more secure.

Related papers

• SISSA: Real-time Monitoring of Hardware Functional Safety and Cybersecurity with In-vehicle SOME/IP Ethernet Traffic [49.549771439609046]
  We propose SISSA, a SOME/IP communication traffic-based approach for modeling and analyzing in-vehicle functional safety and cyber security. Specifically, SISSA models hardware failures with the Weibull distribution and addresses five potential attacks on SOME/IP communication. Extensive experimental results show the effectiveness and efficiency of SISSA.
  arXiv  Detail & Related papers  (2024-02-21T03:31:40Z)
• Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
  We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
  arXiv  Detail & Related papers  (2024-01-22T14:16:37Z)
• IoT Device Identification Based on Network Communication Analysis Using Deep Learning [43.0717346071013]
  The risk of attacks on an organization's network has increased due to the growing use of less secure IoT devices. To tackle this threat and protect their networks, organizations generally implement security policies in which only white listed IoT devices are allowed on the network. In this research, deep learning is applied to network communication for the automated identification of IoT devices permitted on the network.
  arXiv  Detail & Related papers  (2023-03-02T13:44:58Z)
• Internet of Things: Digital Footprints Carry A Device Identity [0.0]
  Device fingerprinting (DFP) model is able to distinguish between Internet of Things (IoT) and non-IoT devices. Four statistical features have been extracted from the consecutive five device-originated packets, to generate individual device fingerprints.
  arXiv  Detail & Related papers  (2023-01-01T02:18:02Z)
• Task-Oriented Communications for NextG: End-to-End Deep Learning and AI Security Aspects [78.84264189471936]
  NextG communication systems are beginning to explore shifting this design paradigm to reliably executing a given task such as in task-oriented communications. Wireless signal classification is considered as the task for the NextG Radio Access Network (RAN), where edge devices collect wireless signals for spectrum awareness and communicate with the NextG base station (gNodeB) that needs to identify the signal label. Task-oriented communications is considered by jointly training the transmitter, receiver and classifier functionalities as an encoder-decoder pair for the edge device and the gNodeB.
  arXiv  Detail & Related papers  (2022-12-19T17:54:36Z)
• Device identification using optimized digital footprints [0.0]
  A device fingerprinting (DFP) method has been proposed for device identification, based on digital footprints, which devices use for communication over a network. A subset of nine features have been selected from the network and transport layers of a single transmission control protocol/internet protocol packet to generate device-specific signatures. Results have shown that the method is able to distinguish device type with up to 100% precision using the random forest (RF) classifier, and classify individual devices with up to 95.7% precision.
  arXiv  Detail & Related papers  (2022-12-04T14:21:29Z)
• CAN-LOC: Spoofing Detection and Physical Intrusion Localization on an In-Vehicle CAN Bus Based on Deep Features of Voltage Signals [48.813942331065206]
  We propose a security hardening system for in-vehicle networks. The proposed system includes two mechanisms that process deep features extracted from voltage signals measured on the CAN bus.
  arXiv  Detail & Related papers  (2021-06-15T06:12:33Z)
• Machine Learning for the Detection and Identification of Internet of Things (IoT) Devices: A Survey [16.3730669259576]
  The Internet of Things (IoT) is becoming an indispensable part of everyday life, enabling a variety of emerging services and applications. The first step in securing the IoT is detecting rogue IoT devices and identifying legitimate ones. We classify the IoT device identification and detection into four categories: device-specific pattern recognition, Deep Learning enabled device identification, unsupervised device identification, and abnormal device detection.
  arXiv  Detail & Related papers  (2021-01-25T15:51:04Z)
• Network Traffic Analysis based IoT Device Identification [1.3484794751207887]
  Device identification is the process of identifying a device on Internet without using its assigned network or other credentials. In a network, conventional IoT devices identify each other by utilizing IP or MAC addresses, which are prone to spoofing. To mitigate the issue in IoT devices, fingerprint (DFP) for device identification can be used.
  arXiv  Detail & Related papers  (2020-09-10T06:28:11Z)
• IoT Device Identification Using Deep Learning [43.0717346071013]
  The growing use of IoT devices in organizations has increased the number of attack vectors available to attackers. The widely adopted bring your own device (BYOD) policy which allows an employee to bring any IoT device into the workplace and attach it to an organization's network also increases the risk of attacks. In this study, we applied deep learning on network traffic to automatically identify IoT devices connected to the network.
  arXiv  Detail & Related papers  (2020-02-25T12:24:49Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.