Rapid IoT device identification at the edge

Consumer Internet of Things (IoT) devices are increasingly common in everyday homes, from smart speakers to security cameras. Along with their benefits come potential privacy and security threats. To limit these threats we must implement solutions to filter IoT traffic at the edge. To this end the identification of the IoT device is the first natural step. In this paper we demonstrate a novel method of rapid IoT device identification that uses neural networks trained on device DNS traffic that can be captured from a DNS server on the local network. The method identifies devices by fitting a model to the first seconds of DNS second-level-domain traffic following their first connection. Since security and privacy threat detection often operate at a device specific level, rapid identification allows these strategies to be implemented immediately. Through a total of 51,000 rigorous automated experiments, we classify 30 consumer IoT devices from 27 different manufacturers with 82% and 93% accuracy for product type and device manufacturers respectively.

[1]  C. L. Philip Chen,et al.  A rapid learning and dynamic stepwise updating algorithm for flat neural networks and the application to time-series prediction , 1999, IEEE Trans. Syst. Man Cybern. Part B.

[2]  Hamed Haddadi,et al.  Information Exposure From Consumer IoT Devices: A Multidimensional, Network-Informed Measurement Approach , 2019, Internet Measurement Conference.

[3]  Yuval Elovici,et al.  IoT Device Identification Using Deep Learning , 2019, CISIS.

[4]  Li Yang,et al.  IoT ETEI: End-to-End IoT Device Identification Method , 2021, 2021 IEEE Conference on Dependable and Secure Computing (DSC).

[5]  Ahmad-Reza Sadeghi,et al.  AuDI: Toward Autonomous IoT Device-Type Identification Using Periodic Communication , 2019, IEEE Journal on Selected Areas in Communications.

[6]  Hamed Haddadi,et al.  Revisiting IoT Device Identification , 2021, TMA.

[7]  Mehmet Hadi Gunes,et al.  Automated IoT Device Identification using Network Traffic , 2019, ICC 2019 - 2019 IEEE International Conference on Communications (ICC).

[8]  Vijay Sivaraman,et al.  Progressive Monitoring of IoT Networks Using SDN and Cost-Effective Traffic Signatures , 2020, 2020 Workshop on Emerging Technologies for Security in IoT (ETSecIoT).

[9]  Vijay Sivaraman,et al.  Classifying IoT Devices in Smart Environments Using Network Traffic Characteristics , 2019, IEEE Transactions on Mobile Computing.

[10]  Hamed Haddadi,et al.  Blocking Without Breaking: Identification and Mitigation of Non-Essential IoT Traffic , 2021, Proc. Priv. Enhancing Technol..

[11]  Nick Feamster,et al.  Watching You Watch: The Tracking Ecosystem of Over-the-Top TV Streaming Devices , 2019, CCS.

[12]  Roberto Perdisci,et al.  IoTFinder: Efficient Large-Scale Identification of IoT Devices via Passive DNS Traffic Analysis , 2020, 2020 IEEE European Symposium on Security and Privacy (EuroS&P).

[13]  Sasu Tarkoma,et al.  IoT-KEEPER: Detecting Malicious IoT Network Activity Using Online Traffic Analysis at the Edge , 2020, IEEE Transactions on Network and Service Management.

[14]  Yuval Elovici,et al.  ProfilIoT: a machine learning approach for IoT device identification based on network traffic analysis , 2017, SAC.

[15]  Athina Markopoulou,et al.  The TV is Smart and Full of Trackers: Measuring Smart TV Advertising and Tracking , 2020, Proc. Priv. Enhancing Technol..

[16]  Kedar Potdar,et al.  A Comparative Study of Categorical Variable Encoding Techniques for Neural Network Classifiers , 2017 .

[17]  Hao Yu,et al.  Selection of Proper Neural Network Sizes and Architectures—A Comparative Study , 2012, IEEE Transactions on Industrial Informatics.

[18]  Jaime Lloret,et al.  Network Traffic Classifier With Convolutional and Recurrent Neural Networks for Internet of Things , 2017, IEEE Access.