A Time-efficient Multi-Protocol Probe Scheme for Fine-grain IoT Device Identification

Internet of Things (IoT) devices connected to the Internet are exploding, which poses a significant threat for their management and security protection. IoT device identification is a prerequisite for discovering, monitoring, and protecting these devices. Although we can identify the device type easily through grabbing protocol banner information, both brand and model of different types of device are various and diverse. We should therefore utilize multi-protocol probes to improve the fineness of device identification and obtain the corresponding brand and model. However, it is still a challenge to balance between the multi-protocol probe overhead and the identification fineness. To solve this problem, we proposed a time-efficient multi-protocol probe scheme for fine-grain devices identification. We first adopted the concept of reinforcement learning to model the banner-based device identification process into a Markov decision process (MDP). Through the value iteration algorithm, an optimal multi-protocol probe sequence is generated for a type-known IoT device, and then the optimal multi-protocol probes sequence segment is extracted based on the gain threshold of identification accuracy. We took 132,835 webcams as the sample data to experiment. The experimental results showed that our optimal multi-protocol probes sequence segment could reduce the identification time of webcams’ brand and model by 50.76% and achieve the identification accuracy of 90.5% and 92.3% respectively. In addition, we demonstrated that our time-efficient optimal multi-protocol probe scheme could also significantly improve the identification efficiency of other IoT devices, such as routers and printers.

[1]  Evizal Abdul Kadir,et al.  Network Traffic Monitoring and Analysis Using Packet Sniffer , 2019, 2019 International Conference on Advanced Communication Technologies and Networking (CommNet).

[2]  Robert A. E. Zidek,et al.  Drift counteraction optimal control for deterministic systems and enhancing convergence of value iteration , 2017, Autom..

[3]  Gordon Fyodor Lyon,et al.  Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning , 2009 .

[4]  Qiang Li,et al.  Characterizing industrial control system devices on the Internet , 2016, 2016 IEEE 24th International Conference on Network Protocols (ICNP).

[5]  Qiang Li,et al.  A Framework for Searching Internet-Wide Devices , 2017, IEEE Network.

[6]  K. Shadan,et al.  Available online: , 2012 .

[7]  Yan Liu,et al.  Active Profiling of Physical Devices at Internet Scale , 2016, 2016 25th International Conference on Computer Communication and Networks (ICCCN).

[8]  Mehmet Hadi Gunes,et al.  Automated IoT Device Identification using Network Traffic , 2019, ICC 2019 - 2019 IEEE International Conference on Communications (ICC).

[9]  Quan Z. Sheng,et al.  IoT Device Identification via Network-Flow Based Fingerprinting and Learning , 2019, 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE).

[10]  Athanasios V. Vasilakos,et al.  A Low-Latency Communication Scheme for Mobile Wireless Sensor Control Systems , 2019, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[11]  Naixue Xiong,et al.  Knowledge-aware Proactive Nodes Selection approach for energy management in Internet of Things , 2017, Future Gener. Comput. Syst..

[12]  Nasir Ghani,et al.  A Machine Learning Model for Classifying Unsolicited IoT Devices by Observing Network Telescopes , 2018, 2018 14th International Wireless Communications & Mobile Computing Conference (IWCMC).

[13]  Qiang Li,et al.  Acquisitional Rule-based Engine for Discovering Internet-of-Thing Devices , 2018, USENIX Security Symposium.

[14]  Jianping Wu,et al.  VNE-TD: A virtual network embedding algorithm based on temporal-difference learning , 2019, Comput. Networks.

[15]  Athanasios V. Vasilakos,et al.  Energy-Efficient Provisioning for Service Function Chains to Support Delay-Sensitive Applications in Network Function Virtualization , 2020, IEEE Internet of Things Journal.

[16]  Athanasios V. Vasilakos,et al.  An effective service-oriented networking management architecture for 5G-enabled internet of things , 2020, Comput. Networks.

[17]  Qiang Li,et al.  GUIDE: Graphical user interface fingerprints physical devices , 2016, 2016 IEEE 24th International Conference on Network Protocols (ICNP).

[18]  Ali Heydari,et al.  Stability Analysis of Optimal Adaptive Control Under Value Iteration Using a Stabilizing Initial Policy , 2018, IEEE Transactions on Neural Networks and Learning Systems.

[19]  Eric Wustrow,et al.  ZMap: Fast Internet-wide Scanning and Its Security Applications , 2013, USENIX Security Symposium.

[20]  Athanasios V. Vasilakos,et al.  Design of secure key management and user authentication scheme for fog computing services , 2019, Future Gener. Comput. Syst..

[21]  Patrice Auffret SinFP, unification of active and passive operating system fingerprinting , 2008, Journal in Computer Virology.

[22]  Qiang Li,et al.  Towards Fine-grained Fingerprinting of Firmware in Online Embedded Devices , 2018, IEEE INFOCOM 2018 - IEEE Conference on Computer Communications.

[23]  Athanasios V. Vasilakos,et al.  Low-Latency and Resource-Efficient Service Function Chaining Orchestration in Network Function Virtualization , 2020, IEEE Internet of Things Journal.