IoT Event Classification Based on Network Traffic

The Internet of Things (IoT) consists of sensors and actuators that facilitate many aspects of our daily life. Compared to typical computing devices such as laptops and smartphones, these devices have a very limited set of functionalities and states. Researchers have shown that it is possible to infer the device type from its network traffic. In this paper, we show that an external observer that sniffs the network traffic of an IoT device can further classify device events and hence infer user actions by employing machine learning classifiers. We evaluate and compare the performance of ten machine learning algorithms in classifying 128 device events from 39 different devices. We analyze the impact of the user interaction through LAN and WAN as well as controllers such as Alexa voice assistant on the correct classification of device actions. We also inspect whether the region from which the device is impacts the performance of classifiers as researchers have shown that differing privacy restrictions lead to different external communications.

[1]  Pradipta De,et al.  Exploiting Diversity in Android TLS Implementations for Mobile App Traffic Classification , 2019, WWW.

[2]  Ahmad-Reza Sadeghi,et al.  IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT , 2016, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[3]  Mauro Conti,et al.  Peek-a-boo: i see your smart home activities, even encrypted! , 2018, WISEC.

[4]  Hamed Haddadi,et al.  Information Exposure From Consumer IoT Devices: A Multidimensional, Network-Informed Measurement Approach , 2019, Internet Measurement Conference.

[5]  William Enck,et al.  HomeSnitch: behavior transparency and control for smart home IoT devices , 2019, WiSec.

[6]  Mehmet Hadi Gunes,et al.  Automated IoT Device Identification using Network Traffic , 2019, ICC 2019 - 2019 IEEE International Conference on Communications (ICC).

[7]  Mehmet Hadi Gunes,et al.  Operating System Classification Performance of TCP/IP Protocol Headers , 2016, 2016 IEEE 41st Conference on Local Computer Networks Workshops (LCN Workshops).

[8]  Hemanta Sapkota,et al.  Towards Securing Data Transfers Against Silent Data Corruption , 2019, 2019 19th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGRID).

[9]  Olivier Festor,et al.  Passive Inference of User Actions through IoT Gateway Encrypted Traffic Analysis , 2019, 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM).

[10]  Vijay Sivaraman,et al.  Characterizing and classifying IoT traffic in smart cities and campuses , 2017, 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[11]  George Bebis,et al.  A survey of network flow applications , 2013, J. Netw. Comput. Appl..

[12]  Batyr Charyyev,et al.  RIVA: Robust Integrity Verification Algorithm for High-Speed File Transfers , 2020, IEEE Transactions on Parallel and Distributed Systems.

[13]  Ridha Soua,et al.  IoT Device Fingerprinting: Machine Learning based Encrypted Traffic Analysis , 2019, 2019 IEEE Wireless Communications and Networking Conference (WCNC).

[14]  Ahmad-Reza Sadeghi,et al.  AuDI: Toward Autonomous IoT Device-Type Identification Using Periodic Communication , 2019, IEEE Journal on Selected Areas in Communications.

[15]  Roberto Rojas-Cessa,et al.  Identification of User Application by an External Eavesdropper using Machine Learning Analysis on Network Traffic , 2019, 2019 IEEE International Conference on Communications Workshops (ICC Workshops).

[16]  Yoojae Won,et al.  Analysis of operating system identification via fingerprinting and machine learning , 2019, Comput. Electr. Eng..

[17]  Dimitrios Pendarakis,et al.  How to Discover IoT Devices When Network Traffic Is Encrypted , 2019, 2019 IEEE International Congress on Internet of Things (ICIOT).