Pinpointing Hidden IoT Devices via Spatial-temporal Traffic Fingerprinting

With the popularization of Internet of Things (IoT) devices in smart home and industry fields, a huge number of IoT devices are connected to the Internet. However, what devices are connected to a network may not be known by the Internet Service Provider (ISP), since many IoT devices are placed within small networks (e.g., home networks) and are hidden behind network address translation (NAT). Without pinpointing IoT devices in a network, it is unlikely for the ISP to appropriately configure security policies and effectively manage the network. In this paper, we design an efficient and scalable system via spatial-temporal traffic fingerprinting. Our system can accurately identify typical IoT devices in a network, with the additional capability of identifying what devices are hidden behind NAT and how many they are. Through extensive evaluation, we demonstrate that the system can generally identify IoT devices with an F-Score above 0.999, and estimate the number of the same type of IoT device behind NAT with an average error below 5%. We also perform small-scale (labor-intensive) experiments to show that our system is promising in detecting user-IoT interactions.

[1]  Jaime Lloret,et al.  Network Traffic Classifier With Convolutional and Recurrent Neural Networks for Internet of Things , 2017, IEEE Access.

[2]  Georgios Kambourakis,et al.  DDoS in the IoT: Mirai and Other Botnets , 2017, Computer.

[3]  Hossein Jafari,et al.  IoT Devices Fingerprinting Using Deep Learning , 2018, MILCOM 2018 - 2018 IEEE Military Communications Conference (MILCOM).

[4]  Qiang Li,et al.  Towards automatic fingerprinting of IoT devices in the cyberspace , 2019, Comput. Networks.

[5]  Chinmay Bepery,et al.  Computing a longest common subsequence for multiple sequences , 2015, 2015 2nd International Conference on Electrical Information and Communication Technologies (EICT).

[6]  Song Han,et al.  Deep Compression: Compressing Deep Neural Network with Pruning, Trained Quantization and Huffman Coding , 2015, ICLR.

[7]  Ahmad-Reza Sadeghi,et al.  IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT , 2016, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[8]  Yuval Elovici,et al.  ProfilIoT: a machine learning approach for IoT device identification based on network traffic analysis , 2017, SAC.

[9]  Nick Feamster,et al.  Web-based Attacks to Discover and Control Local IoT Devices , 2018, IoT S&P@SIGCOMM.

[10]  Moncef Gabbouj,et al.  Real-Time Motor Fault Detection by 1-D Convolutional Neural Networks , 2016, IEEE Transactions on Industrial Electronics.

[11]  Gerald Penn,et al.  Convolutional Neural Networks for Speech Recognition , 2014, IEEE/ACM Transactions on Audio, Speech, and Language Processing.

[12]  Indrajit Ray,et al.  Behavioral Fingerprinting of IoT Devices , 2018, ASHES@CCS.

[13]  Sandhya Aneja,et al.  IoT Device Fingerprint using Deep Learning , 2018, 2018 IEEE International Conference on Internet of Things and Intelligence System (IOTAIS).

[14]  Damon McCoy,et al.  Passive Data Link Layer 802.11 Wireless Device Driver Fingerprinting , 2006, USENIX Security Symposium.

[15]  Thomas G. Szymanski,et al.  A fast algorithm for computing longest common subsequences , 1977, CACM.

[16]  Vijay Sivaraman,et al.  Classifying IoT Devices in Smart Environments Using Network Traffic Characteristics , 2019, IEEE Transactions on Mobile Computing.

[17]  Nitish Srivastava,et al.  Dropout: a simple way to prevent neural networks from overfitting , 2014, J. Mach. Learn. Res..

[18]  Hao Zhang,et al.  Turning from TF-IDF to TF-IGM for term weighting in text classification , 2016, Expert Syst. Appl..

[19]  H. Vincent Poor,et al.  BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid , 2018, USENIX Security Symposium.

[20]  Anthony Brown,et al.  An Analysis of Home IoT Network Traffic and Behaviour , 2018, ArXiv.

[21]  Anton O. Prokofiev,et al.  Counteraction against Internet of Things Botnets in Private Networks , 2019, 2019 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus).

[22]  Dinil Mon Divakaran,et al.  DEFT: A Distributed IoT Fingerprinting Technique , 2019, IEEE Internet of Things Journal.

[23]  Nitish Srivastava,et al.  Improving neural networks by preventing co-adaptation of feature detectors , 2012, ArXiv.

[24]  Moncef Gabbouj,et al.  Real-Time Patient-Specific ECG Classification by 1-D Convolutional Neural Networks , 2016, IEEE Transactions on Biomedical Engineering.