ScaNeF-IoT: Scalable Network Fingerprinting for IoT Device
ARES '24: Proceedings of the 19th International Conference on Availability, Reliability and Security
Article No.: 195, Pages 1 - 9
Abstract
Recognising IoT devices through network fingerprinting contributes to enhancing the security of IoT networks and supporting forensic activities. Machine learning techniques have been extensively utilised in the literature to optimise IoT fingerprinting accuracy. Given the rapid proliferation of new IoT devices, a current challenge in this field is around how to make IoT fingerprinting scalable, which involves efficiently updating the used machine learning model to enable the recognition of new IoT devices. Some approaches have been proposed to achieve scalability, but they all suffer from limitations like large memory requirements to store training data and accuracy decrease for older devices.
In this paper, we propose ScaNeF-IoT, a novel scalable network fingerprinting approach for IoT devices based on online stream learning and features extracted from fixed-size session payloads. Employing online stream learning allows to update the model without retaining training data. This, alongside relying on fixed-size session payloads, enables scalability without deteriorating recognition accuracy. We implement ScaNeF-IoT by analysing TCP/UDP payloads and utilising the Aggregated Mandrian Forest as the online stream learning algorithm. We provide a preliminary evaluation of ScaNeF-IoT accuracy and how it is affected as the model is updated iteratively to recognise new IoT devices. Furthermore, we compare ScaNeF-IoT accuracy with other IoT fingerprinting approaches, demonstrating that it is comparable to the state of the art and does not worsen as the classifier model is updated, despite not requiring to retain any training data for older IoT devices.
References
[1]
Abbas Acar, Hossein Fereidooni, Tigist Abera, Amit Kumar Sikder, Markus Miettinen, Hidayet Aksu, Mauro Conti, Ahmad-Reza Sadeghi, and Selcuk Uluagac. 2020. Peek-a-boo: i see your smart home activities, even encrypted!. In Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks.
[2]
A. Aksoy and M. H. Gunes. 2019. Automated IoT Device Identification using Network Traffic. In ICC 2019 - 2019 IEEE International Conference on Communications (ICC).
[3]
Sandhya Aneja, Nagender Aneja, and Md Shohidul Islam. 2018. IoT Device Fingerprint using Deep Learning. In 2018 IEEE International Conference on Internet of Things and Intelligence System (IOTAIS).
[4]
Lei Bai, Lina Yao, Salil S. Kanhere, Xianzhi Wang, and Zheng Yang. 2018. Automatic Device Classification from Network Traffic Streams of Internet of Things. In 2018 IEEE 43rd Conference on Local Computer Networks (LCN).
[5]
Jiaqi Bao, Bechir Hamdaoui, and Weng-Keen Wong. 2020. IoT Device Type Identification Using Hybrid Deep Learning Approach for Increased IoT Security. In 2020 International Wireless Communications and Mobile Computing (IWCMC).
[6]
Bruhadeshwar Bezawada, Maalvika Bachani, Jordan Peterson, Hossein Shirazi, Indrakshi Ray, and Indrajit Ray. 2018. Behavioral Fingerprinting of IoT Devices. In Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security.
[7]
Joe Collins, Michaela Iorga, Dmitry Cousin, and David Chapman. 2020. Passive Encrypted IoT Device Fingerprinting with Persistent Homology. In NeurIPS 2020 Workshop on Topological Data Analysis and Beyond.
[8]
Fred J. Damerau. 1964. A technique for computer detection and correction of spelling errors. Commun. ACM (1964).
[9]
B. A. Desai, D. M. Divakaran, I. Nevat, G. W. Peter, and M. Gurusamy. 2019. A feature-ranking framework for IoT device classification. In 2019 11th International Conference on Communication Systems Networks (COMSNETS).
[10]
Ruizhong Du and Shuang Li. 2021. Identification of IoT Devices Based on Feature Vector Split. In 2021 IEEE Symposium on Computers and Communications (ISCC).
[11]
Linna Fan, Lin He, Yichao Wu, Shize Zhang, Zhiliang Wang, Jia Li, Jiahai Yang, Chaocan Xiang, and Xiaoqian Ma. 2022. AutoIoT: Automatically Updated IoT Device Identification With Semi-Supervised Learning. IEEE Transactions on Mobile Computing (2022).
[12]
João Gama, Raquel Sebastião, and Pedro Pereira Rodrigues. 2013. On evaluating stream learning algorithms. Mach. Learn. (2013).
[13]
Heitor Murilo Gomes, Jesse Read, Albert Bifet, Jean Paul Barddal, and João Gama. 2019. Machine learning for streaming data: state of the art, challenges, and opportunities. SIGKDD Explor. Newsl. (2019).
[14]
S. A. Hamad, W. E. Zhang, Q. Z. Sheng, and S. Nepal. 2019. IoT Device Identification via Network-Flow Based Fingerprinting and Learning. In 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE).
[15]
Jaidip Kotak and Yuval Elovici. 2021. IoT Device Identification Using Deep Learning. In 13th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2020).
[16]
Jaidip Kotak and Yuval Elovici. 2022. IoT device identification based on network communication analysis using deep learning. Journal of Ambient Intelligence and Humanized Computing (2022).
[17]
Balaji Lakshminarayanan, Daniel M Roy, and Yee Whye Teh. 2014. Mondrian forests: Efficient online random forests. Advances in neural information processing systems (2014).
[18]
Yongxin Liu, Jian Wang, Jianqiang Li, Shuteng Niu, and Houbing Song. 2021. Class-Incremental Learning for Wireless Device Identification in IoT. IEEE Internet of Things Journal (2021).
[19]
Xiaobo Ma, Jian Qu, Jianfeng Li, John C.S. Lui, Zhenhua Li, and Xiaohong Guan. 2020. Pinpointing Hidden IoT Devices via Spatial-temporal Traffic Fingerprinting. In IEEE INFOCOM 2020 - IEEE Conference on Computer Communications.
[20]
Xiaobo Ma, Jian Qu, Jianfeng Li, John C. S. Lui, Zhenhua Li, Wenmao Liu, and Xiaohong Guan. 2022. Inferring Hidden IoT Devices and User Interactions via Spatial-Temporal Traffic Fingerprinting. IEEE/ACM Transactions on Networking (2022).
[21]
S. Marchal, M. Miettinen, T. D. Nguyen, A. Sadeghi, and N. Asokan. 2019. AuDI: Toward Autonomous IoT Device-Type Identification Using Periodic Communication. IEEE Journal on Selected Areas in Communications (2019).
[22]
Marc Masana, Xialei Liu, Bartłomiej Twardowski, Mikel Menta, Andrew D. Bagdanov, and Joost van de Weijer. 2023. Class-Incremental Learning: Survey and Performance Evaluation on Image Classification. IEEE Transactions on Pattern Analysis and Machine Intelligence (2023).
[23]
Yair Meidan, Michael Bohadana, Asaf Shabtai, Juan David Guarnizo, Martín Ochoa, Nils Ole Tippenhauer, and Yuval Elovici. 2017. ProfilIoT: A Machine Learning Approach for IoT Device Identification Based on Network Traffic Analysis. In Proceedings of the Symposium on Applied Computing.
[24]
M. Miettinen, S. Marchal, I. Hafeez, N. Asokan, A. Sadeghi, and S. Tarkoma. 2017. IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT. In 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).
[25]
Jaouad Mourtada, Stéphane Gaïffas, and Erwan Scornet. 2021. AMF: Aggregated Mondrian forests for online learning. Journal of the Royal Statistical Society Series B: Statistical Methodology (2021).
[26]
N. Msadek, R. Soua, and T. Engel. 2019. IoT Device Fingerprinting: Machine Learning based Encrypted Traffic Analysis. In 2019 IEEE Wireless Communications and Networking Conference (WCNC).
[27]
Netresec. 2010. SplitCap: A Tool for Network Traffic Analysis. https://www.netresec.com/?page=SplitCap#
[28]
R. Perdisci, T. Papastergiou, O. Alrawi, and M. Antonakakis. 2020. IoTFinder: Efficient Large-Scale Identification of IoT Devices via Passive DNS Traffic Analysis. In 2020 IEEE European Symposium on Security and Privacy (EuroS P).
[29]
Jingjing Ren, Daniel J. Dubois, David Choffnes, Anna Maria Mandalari, Roman Kolcun, and Hamed Haddadi. 2019. Information Exposure From Consumer IoT Devices: A Multidimensional, Network-Informed Measurement Approach. In Proceedings of the Internet Measurement Conference.
[30]
M. R. Shahid, G. Blanc, Z. Zhang, and H. Debar. 2018. IoT Devices Recognition Through Network Traffic Analysis. In 2018 IEEE International Conference on Big Data (Big Data).
[31]
A. Sivanathan, H. H. Gharakheili, F. Loi, A. Radford, C. Wijenayake, A. Vishwanath, and V. Sivaraman. 2019. Classifying IoT Devices in Smart Environments Using Network Traffic Characteristics. IEEE Transactions on Mobile Computing (2019).
[32]
A. Sivanathan, H. H. Gharakheili, and V. Sivaraman. 2019. Inferring IoT Device Types from Network Behavior Using Unsupervised Clustering. In 2019 IEEE 44th Conference on Local Computer Networks (LCN).
[33]
Jianhua Sun, Kun Sun, and Chris Shenefiel. 2019. Automated IoT Device Fingerprinting Through Encrypted Stream Classification. In Security and Privacy in Communication Networks.
[34]
Yi Sun, Jie Liu, Ali Kashif Bashir, Usman Tariq, Wei Liu, Keliang Chen, and Mohammad Dahman Alshehri. 2021. E-CIS: Edge-based classifier identification scheme in green & sustainable IoT smart city. Sustainable Cities and Society (2021).
[35]
Vijayanand Thangavelu, D. Divakaran, R. Sairam, S. Bhunia, and M. Gurusamy. 2019. DEFT: A Distributed IoT Fingerprinting Technique. IEEE Internet of Things Journal (2019).
[36]
Lionel Sujay Vailshery. 2023. Number of Internet of Things (IoT) connected devices worldwide from 2019 to 2023, with forecasts from 2022 to 2030. https://www.statista.com/statistics/1183457/iot-connected-devices-worldwide/
[37]
Gido M. van de Ven, Zhe Li, and Andreas S. Tolias. 2021. Class-Incremental Learning With Generative Classifiers. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) Workshops.
[38]
Juan Wang, Jing Zhong, and Jiangqi Li. 2023. IoT-Portrait: Automatically Identifying IoT Devices via Transformer with Incremental Learning. Future Internet (2023).
[39]
L. Yu, T. Liu, Z. Zhou, Y. Zhu, Q. Liu, and J. Tan. 2018. WDMTI: Wireless Device Manufacturer and Type Identification Using Hierarchical Dirichlet Process. In 2018 IEEE 15th International Conference on Mobile Ad Hoc and Sensor Systems (MASS).
Index Terms
- ScaNeF-IoT: Scalable Network Fingerprinting for IoT Device
Recommendations
Network Traffic Analysis based IoT Device Identification
BDIOT '20: Proceedings of the 2020 4th International Conference on Big Data and Internet of ThingsDevice identification is the process of identifying a device on Internet without using its assigned network or other credentials. The sharp rise of usage in Internet of Things (IoT) devices has imposed new challenges in device identification due to a ...
IoT device security audit tools: a comprehensive analysis and a layered architecture approach for addressing expanded security requirements: IoT device security audit tools...
AbstractThe Internet of Things (IoT) has the potential to bring unprecedented accessibility and efficiency to a wide range of critical applications and access control services. With the advent of IoT technology, there is a surge in potential threats and ...
Convergence of Blockchain Enabled Internet of Things (IoT) Framework: A Survey
Ubiquitous NetworkingAbstractRecent research and experiments in the field of Internet of Things (IoT) security have found that these devices are vulnerable to various attacks, ranging from cyber-attacks to physical attacks on devices. Internet of Things (IoTs) have certain ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
July 2024
2032 pages
ISBN:9798400717185
DOI:10.1145/3664476
Copyright © 2024 Owner/Author.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 30 July 2024
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Funding Sources
- Engineering and Physical Sciences Research Council (EPSRC)
Conference
ARES 2024
ARES 2024: The 19th International Conference on Availability, Reliability and Security
July 30 - August 2, 2024
Vienna, Austria
Acceptance Rates
Overall Acceptance Rate 228 of 451 submissions, 51%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 284Total Downloads
- Downloads (Last 12 months)284
- Downloads (Last 6 weeks)39
Reflects downloads up to 22 Feb 2025
Other Metrics
Citations
View Options
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML FormatLogin options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in