IoT Sentinel Demo: Automated Device-Type Identification for Security Enforcement in IoT

The emergence of numerous new manufacturers producing devices for the Internet-of-Things (IoT) has given rise to new security concerns. Many IoT devices exhibit security flaws making them vulnerable for attacks and manufacturers have difficulties in providing appropriate security patches to their products in a timely and user-friendly manner. In this paper, we present our implementation of IoT Sentinel, which is a system aimed at protecting the user's network from vulnerable IoT devices. IoT Sentinel automatically identifies vulnerable devices when they are first introduced to the network and enforces appropriate traffic filtering rules to protect other devices from the threats originating from the vulnerable devices.

[1]  Felix C. Freiling,et al.  Fingerprinting Mobile Devices Using Personalized Configurations , 2016, Proc. Priv. Enhancing Technol..

[2]  Marco Gruteser,et al.  Wireless device identification with radiometric signatures , 2008, MobiCom '08.

[3]  Sasu Tarkoma,et al.  Off-the-Shelf Software-defined Wi-Fi Networks , 2016, SIGCOMM.

[4]  Donald L. Gilbert,et al.  PANDAS , 2009, Neurology.

[5]  Raheem Beyah,et al.  GTID: A Technique for Physical Device and Device Type Fingerprinting , 2015, IEEE Transactions on Dependable and Secure Computing.

[6]  Ke Gao,et al.  A passive approach to wireless device fingerprinting , 2010, 2010 IEEE/IFIP International Conference on Dependable Systems & Networks (DSN).

[7]  T. Kohno,et al.  Remote physical device fingerprinting , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[8]  Thiemo Voigt,et al.  SVELTE: Real-time intrusion detection in the Internet of Things , 2013, Ad Hoc Networks.

[9]  Wouter Joosen,et al.  Accelerometer-Based Device Fingerprinting for Multi-factor Mobile Authentication , 2016, ESSoS.

[10]  Antonio F. Gómez-Skarmeta,et al.  Towards a Lightweight Authentication and Authorization Framework for Smart Objects , 2014 .

[11]  Panagiotis Papadimitratos,et al.  SHIELD: a data verification framework for participatory sensing systems , 2015, WISEC.

[12]  Srinivasan Seshan,et al.  802.11 user fingerprinting , 2007, MobiCom '07.

[13]  Pino Caballero-Gil,et al.  Strong authentication on smart wireless devices , 2013, Second International Conference on Future Generation Communication Technologies (FGCT 2013).

[14]  Damon McCoy,et al.  Passive Data Link Layer 802.11 Wireless Device Driver Fingerprinting , 2006, USENIX Security Symposium.

[15]  Fred J. Damerau,et al.  A technique for computer detection and correction of spelling errors , 1964, CACM.

[16]  Ahmad-Reza Sadeghi,et al.  IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT , 2016, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[17]  Martín Casado,et al.  The Design and Implementation of Open vSwitch , 2015, NSDI.

[18]  Samuel Marchal,et al.  Profiling Users by Modeling Web Transactions , 2017, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[19]  Leo Breiman,et al.  Random Forests , 2001, Machine Learning.

[20]  Fingerprinting 802.11 Implementations via Statistical Analysis of the Duration Field , 2006 .

[21]  Zhao Li,et al.  SIFT: building an internet of safe things , 2015, IPSN.

[22]  Christof Paar,et al.  Authenticated key establishment for low-resource devices exploiting correlated random channels , 2016, Comput. Networks.