Early Generation and Detection of Efficient IoT Device Fingerprints Using Machine Learning

Vian Adnan Ferman, Mohammed Ali Tawfeeq

Abstract


The proliferation of Internet of Things (IoT) markets in the last decade introduces new challenges for network traffic analysis, and processing packet flows to identify IoT devices. This type of device suffers from scarcity, making them vulnerable to spoofing operations. In such circumstances, the device can be recognized by identifying its fingerprint. In this paper, a novel idea to elicit Device FingerPrint (DFP) is presented by extracting 30 features from the collected traffic packets of 19 IoT devices during setup and startup operations. Raspberry Pi 3 Model B+ is configured as an access point to collect and analyze the traffic of seven networked IoT devices using Wireshark Network Protocol Analyzer. Moreover, the rest of IoT devices traffic is taken from the publicly available network traffic dataset. Each IoT device's feature extraction process starts from getting Extensible Authentication Protocol over LAN (EAPOL) protocol, continuing with the other flowed protocols until the first session of Transmission Control Protocol (TCP) related to that device is closed. Depending on some produced variation of device traffic features, 20 fingerprints for each device are created. The probability theorem of Gaussian Naive Bayes (GNB) supervised machine learning is utilized to identify fingerprints of individual known devices and isolate the unknown ones. The performance evaluation for the proposed technique was calculated based on two measures, F1-score and identification accuracy. The average F1 score was around 0.99, while the overall identification accuracy rate was 98.35%.

Keywords


EAPOL protocol; gaussian naive bayes; IoT device fingerprint; network traffic analysis; Raspberry Pi.

Full Text:

PDF

References


A. Aksoy and M. H. Gunes, “Automated IoT device identification using network traffic,” in ICC 2019-2019 IEEE International Conference on Communications (ICC), 2019, pp. 1–7.

S. Zeadally and M. Tsikerdekis, “Securing Internet of Things (IoT) with machine learning,” Int. J. Commun. Syst., vol. 33, no. 1, p. e4169, 2020.

A. Sivanathan et al., “Classifying IoT devices in smart environments using network traffic characteristics,” IEEE Trans. Mob. Comput., vol. 18, no. 8, pp. 1745–1759, 2018.

T. Alam, “A reliable communication framework and its use in internet of things (IoT),” CSEIT1835111| Receiv., vol. 10, pp. 450–456, 2018.

B. Charyyev and M. H. Gunes, “IoT Traffic Flow Identification using Locality Sensitive Hashes,” in ICC 2020-2020 IEEE International Conference on Communications (ICC), 2020, pp. 1–6.

C. Kolias, G. Kambourakis, A. Stavrou, and J. Voas, “DDoS in the IoT: Mirai and other botnets,” Computer (Long. Beach. Calif)., vol. 50, no. 7, pp. 80–84, 2017.

M. Antonakakis et al., “Understanding the mirai botnet,” in 26th {USENIX} security symposium ({USENIX} Security 17), 2017, pp. 1093–1110.

M. M. Salim, S. Rathore, and J. H. Park, “Distributed denial of service attacks and its defenses in IoT: a survey,” J. Supercomput., pp. 1–44, 2019.

L. Bai, L. Yao, S. S. Kanhere, X. Wang, and Z. Yang, “Automatic device classification from network traffic streams of internet of things,” in 2018 IEEE 43rd conference on local computer networks (LCN), 2018, pp. 1–9.

A. Sivanathan et al., “Characterizing and classifying IoT traffic in smart cities and campuses,” in 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), 2017, pp. 559–564.

S. Aneja, N. Aneja, and M. S. Islam, “IoT device fingerprint using deep learning,” in 2018 IEEE International Conference on Internet of Things and Intelligence System (IOTAIS), 2018, pp. 174–179.

Q. Xu, R. Zheng, W. Saad, and Z. Han, “Device fingerprinting in wireless networks: Challenges and opportunities,” IEEE Commun. Surv. Tutorials, vol. 18, no. 1, pp. 94–104, 2015.

M. Miettinen, S. Marchal, I. Hafeez, N. Asokan, A.-R. Sadeghi, and S. Tarkoma, “IoT sentinel: Automated device-type identification for security enforcement in IoT,” in 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), 2017, pp. 2177–2184.

“The kaggle website,” 2021..

Y. Meidan et al., “ProfilIoT: a machine learning approach for IoT device identification based on network traffic analysis,” in Proceedings of the symposium on applied computing, 2017, pp. 506–509.

Y. C. Lin and F. Wang, “Machine Learning Techniques for Recognizing IoT Devices,” in International Computer Symposium, 2018, pp. 673–680.

M. R. Shahid, G. Blanc, Z. Zhang, and H. Debar, “Iot devices recognition through network traffic analysis,” in 2018 IEEE International Conference on Big Data (Big Data), 2018, pp. 5187–5192.

S. A. Hamad, W. E. Zhang, Q. Z. Sheng, and S. Nepal, “IoT device Identification via network-flow based fingerprinting and learning,” in 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), 2019, pp. 103–111.

J. Kotak and Y. Elovici, “IoT device identification using deep learning,” in Conference on Complex, Intelligent, and Software Intensive Systems, 2020, pp. 76–86.

B. Bezawada, M. Bachani, J. Peterson, H. Shirazi, I. Ray, and I. Ray, “Iotsense: Behavioral fingerprinting of IoT devices,” arXiv Prepr. arXiv1804.03852, 2018.

O. Salman, I. H. Elhajj, A. Chehab, and A. Kayssi, “A machine learning-based framework for IoT device identification and abnormal traffic detection,” Trans. Emerg. Telecommun. Technol., p. e3743, 2019.

L. Deng, Y. Feng, D. Chen, and N. Rishe, “IoTspot: Identifying the IoT devices using their anonymous network traffic data,” in MILCOM 2019-2019 IEEE Military Communications Conference (MILCOM), 2019, pp. 1–6.

W. Cheng, Z. Ding, C. Xu, X. Wu, Y. Xia, and J. Mao, “RAFM: A Real-time Auto Detecting and Fingerprinting Method for IoT devices,” in Journal of Physics: Conference Series, 2020, vol. 1518, no. 1, p. 12043.

J. Bao, B. Hamdaoui, and W.-K. Wong, “IoT device type identification using hybrid deep learning approach for increased IoT security,” in 2020 International Wireless Communications and Mobile Computing (IWCMC), 2020, pp. 565–570.

L. Nagy and A. Coleşa, “Router-based IoT Security using Raspberry Pi,” in 2019 18th RoEduNet Conference: Networking in Education and Research (RoEduNet), 2019, pp. 1–6.

J. Brownlee, “Naive Bayes,” in Master Machine Learning Algorithms: discover how they work and implement them from scratch. 2016.

F.-J. Yang, “An implementation of naive Bayes classifier,” in 2018 International Conference on Computational Science and Computational Intelligence (CSCI), 2018, pp. 301–306.




DOI: http://dx.doi.org/10.18517/ijaseit.12.1.14349

Refbacks

  • There are currently no refbacks.



Published by INSIGHT - Indonesian Society for Knowledge and Human Development