research-article

Rapid IoT device identification at the edge

Authors:

Oliver Thompson,

Anna Maria Mandalari,

Hamed HaddadiAuthors Info & Claims

DistributedML '21: Proceedings of the 2nd ACM International Workshop on Distributed Machine Learning

Pages 22 - 28

https://doi.org/10.1145/3488659.3493777

Published: 07 December 2021 Publication History

Abstract

Consumer Internet of Things (IoT) devices are increasingly common in everyday homes, from smart speakers to security cameras. Along with their benefits come potential privacy and security threats. To limit these threats we must implement solutions to filter IoT traffic at the edge. To this end the identification of the IoT device is the first natural step.

In this paper we demonstrate a novel method of rapid IoT device identification that uses neural networks trained on device DNS traffic that can be captured from a DNS server on the local network. The method identifies devices by fitting a model to the first seconds of DNS second-level-domain traffic following their first connection. Since security and privacy threat detection often operate at a device specific level, rapid identification allows these strategies to be implemented immediately. Through a total of 51,000 rigorous automated experiments, we classify 30 consumer IoT devices from 27 different manufacturers with 82% and 93% accuracy for product type and device manufacturers respectively.

Supplementary Material

MP4 File (DistributedML2021-Rapid_IoT_Identification.mp4)

Presentation video of "Rapid IoT Device Identification at the Edge" for DistributedML 2021.

Download
112.46 MB

References

[1]

IoT Analytics. IoT 2020 in review: The 10 most relevant IoT developments of the year. https://iot-analytics.com/iot-2020-in-review/. [Online; accessed Sept. 2021].

[2]

Jingjing Ren, Daniel J. Dubois, David Choffnes, Anna Maria Mandalari, Roman Kolcun, and Hamed Haddadi. Information exposure for consumer IoT devices: A multidimensional, network-informed measurement approach. In Proc. of the Internet Measurement Conference (IMC), 2019.

Digital Library

[3]

Hooman Mohajeri Moghaddam, Gunes Acar, Ben Burgess, Arunesh Mathur, Danny Yuxing Huang, Nick Feamster, Edward W. Felten, Prateek Mittal, and Arvind Narayanan. Watching you watch: The tracking ecosystem of over-the-top TV streaming devices. In CCS'19, 2019.

Digital Library

[4]

Janus Varmarken, Hieu Le, Anastasia Shuba, Athina Markopoulou, and Zubair Shafiq. The TV is smart and full of trackers: Measuring smart TV advertising and tracking. 20st Privacy Enhancing Technologies Symposium (PETS 2020), 2020.

[5]

Ibbad Hafeez, Markku Antikainen, Aaron Yi Ding, and Sasu Tarkoma. IoT-KEEPER: Detecting malicious IoT network activity using online traffic analysis at the edge. IEEE Transactions on Network and Service Management, 17(1):45--59, 2020.

Digital Library

[6]

Anna Maria Mandalari, Daniel J Dubois, Roman Kolcun, Muhammad Talha Paracha, Hamed Haddadi, and David Choffnes. Blocking without breaking: Identification and mitigation of non-essential IoT traffic. 21st Privacy Enhancing Technologies Symposium (PETS 2021), 2021.

[7]

S. Marchal, M. Miettinen, T. D. Nguyen, A.-R. Sadeghi, and N. Asokan. AUDI: Towards autonomous IoT device-type identification using periodic communication. IEEE J. on Sel. Areas in Comm., 37(6), 2019.

[8]

Arunan Sivanathan, Hassan Habibi Gharakheili, Franco Loi, Adam Radford, Chamith Wijenayake, Arun Vishwanath, and Vijay Sivaraman. Classifying IoT devices in smart environments using network traffic characteristics. IEEE Transactions on Mobile Computing, 18(8):1745--1759, 2019.

[9]

Arman Pashamokhtari, Hassan Habibi Gharakheili, and Vijay Sivaraman. Progressive monitoring of IoT networks using SDN and cost-effective traffic signatures. In 2020 Workshop on Emerging Technologies for Security in IoT (ETSecIoT), pages 1--6, 2020.

[10]

Feihong Yin, Li Yang, Yuchen Wang, and Jiahao Dai. IoT ETEI: End-to-end IoT device identification method. In 2021 IEEE Conference on Dependable and Secure Computing (DSC), pages 1--8, 2021.

[11]

Manuel Lopez-Martin, Belen Carro, Antonio Sanchez-Esguevillas, and Jaime Lloret. Network traffic classifier with convolutional and recurrent neural networks for Internet of Things. IEEE Access, 5:18042--18050, 2017.

[12]

Roman Kolcun, Diana Andreea Popescu, Vadim Safronov, Poonam Yadav, Anna Maria Mandalari, Richard Mortier, and Hamed Haddadi. Revisiting IoT device identification. Network Traffic Measurement and Analysis Conference (TMA), 2021.

[13]

Scapy. Packet crafting for python2 and python3. https://scapy.net/. [Online; accessed Sept. 2021].

[14]

Kedar Potdar, Taher S Pardawala, and Chinmay D Pai. A comparative study of categorical variable encoding techniques for neural network classifiers. International journal of computer applications, 175(4):7--9, 2017.

[15]

CL Philip Chen and John Z Wan. A rapid learning and dynamic stepwise updating algorithm for flat neural networks and the application to time-series prediction. IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics), 29(1):62--72, 1999.

Digital Library

[16]

David Hunter, Hao Yu, Michael S Pukish III, Janusz Kolbusz, and Bogdan M Wilamowski. Selection of proper neural network sizes and architectures---a comparative study. IEEE Transactions on Industrial Informatics, 8(2):228--240, 2012.

[17]

Yair Meidan, Michael Bohadana, Asaf Shabtai, Juan David Guarnizo, Martín Ochoa, Nils Ole Tippenhauer, and Yuval Elovici. ProfilIoT: A machine learning approach for IoT device identification based on network traffic analysis. In Proceedings of the symposium on applied computing, pages 506--509, 2017.

Digital Library

[18]

Ahmet Aksoy and Mehmet Hadi Gunes. Automated IoT device identification using network traffic. In ICC 2019-2019 IEEE International Conference on Communications (ICC), pages 1--7. IEEE, 2019.

[19]

Jaidip Kotak and Yuval Elovici. IoT device identification using deep learning. In Álvaro Herrero, Carlos Cambra, Daniel Urda, Javier Sedano, Héctor Quintián, and Emilio Corchado, editors, 13th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2020), pages 76--86, Cham, 2021. Springer International Publishing.

[20]

Roberto Perdisci, Thomas Papastergiou, Omar Alrawi, and Manos Antonakakis. IoTFinder: Efficient large-scale identification of IoT devices via passive dns traffic analysis. In 2020 IEEE European Symposium on Security and Privacy (EuroSP), pages 474--489, 2020.

Cited By

Anselmi GVekaria YD'Souza ACallejo PMandalari AShafiq ZVallina-Rodríguez NSuarez-Tángil GLevin DPelsser C(2024)Watching TV with the Second-Party: A First Look at Automatic Content Recognition Tracking in Smart TVsProceedings of the 2024 ACM on Internet Measurement Conference10.1145/3646547.3689013(622-634)Online publication date: 4-Nov-2024
https://dl.acm.org/doi/10.1145/3646547.3689013
Hadjixenophontos SMandalari AZhao YHaddadi H(2023)PRISM: Privacy Preserving Healthcare Internet of Things Security Management2023 IEEE Symposium on Computers and Communications (ISCC)10.1109/ISCC58397.2023.10218268(1-5)Online publication date: 9-Jul-2023
https://doi.org/10.1109/ISCC58397.2023.10218268
Zhang ZElkhatib YElhabbash A(2023)NLP-based Generation of Ontological System Descriptions for Composition of Smart Home Devices2023 IEEE International Conference on Web Services (ICWS)10.1109/ICWS60048.2023.00055(360-370)Online publication date: Jul-2023
https://doi.org/10.1109/ICWS60048.2023.00055

Index Terms

Rapid IoT device identification at the edge
1. Networks
2. Security and privacy
  1. Network security

Recommendations

Detecting consumer IoT devices through the lens of an ISP
ANRW '21: Proceedings of the 2021 Applied Networking Research Workshop

Internet of Things (IoT) devices are becoming increasingly popular and offer a wide range of services and functionality to their users. However, there are significant privacy and security risks associated with these devices. IoT devices can infringe ...
Network Traffic Analysis based IoT Device Identification
BDIOT '20: Proceedings of the 2020 4th International Conference on Big Data and Internet of Things

Device identification is the process of identifying a device on Internet without using its assigned network or other credentials. The sharp rise of usage in Internet of Things (IoT) devices has imposed new challenges in device identification due to a ...
Deep dive into the IoT backend ecosystem
IMC '22: Proceedings of the 22nd ACM Internet Measurement Conference

Internet of Things (IoT) devices are becoming increasingly ubiquitous, e.g., at home, in enterprise environments, and in production lines. To support the advanced functionalities of IoT devices, IoT vendors as well as service and cloud companies operate ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

DistributedML '21: Proceedings of the 2nd ACM International Workshop on Distributed Machine Learning

December 2021

44 pages

ISBN:9781450391344

DOI:10.1145/3488659

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGCOMM: ACM Special Interest Group on Data Communication

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 December 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Engineering and Physical Sciences Research Council

Conference

CoNEXT '21

Sponsor:

SIGCOMM

CoNEXT '21: The 17th International Conference on emerging Networking EXperiments and Technologies

December 7, 2021

Virtual Event, Germany

Acceptance Rates

DistributedML '21 Paper Acceptance Rate 5 of 10 submissions, 50%;

Overall Acceptance Rate 5 of 10 submissions, 50%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
247
Total Downloads

Downloads (Last 12 months)31
Downloads (Last 6 weeks)2

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Anselmi GVekaria YD'Souza ACallejo PMandalari AShafiq ZVallina-Rodríguez NSuarez-Tángil GLevin DPelsser C(2024)Watching TV with the Second-Party: A First Look at Automatic Content Recognition Tracking in Smart TVsProceedings of the 2024 ACM on Internet Measurement Conference10.1145/3646547.3689013(622-634)Online publication date: 4-Nov-2024
https://dl.acm.org/doi/10.1145/3646547.3689013
Hadjixenophontos SMandalari AZhao YHaddadi H(2023)PRISM: Privacy Preserving Healthcare Internet of Things Security Management2023 IEEE Symposium on Computers and Communications (ISCC)10.1109/ISCC58397.2023.10218268(1-5)Online publication date: 9-Jul-2023
https://doi.org/10.1109/ISCC58397.2023.10218268
Zhang ZElkhatib YElhabbash A(2023)NLP-based Generation of Ontological System Descriptions for Composition of Smart Home Devices2023 IEEE International Conference on Web Services (ICWS)10.1109/ICWS60048.2023.00055(360-370)Online publication date: Jul-2023
https://doi.org/10.1109/ICWS60048.2023.00055

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten