Arman Pashamokhtari scite author profile

Arman Pashamokhtari

5Publications

24Citation Statements Received

386Citation Statements Given

How they've been cited

How they cite others

178

385

Affiliations

UNSW Sydney

Publications

Order By: Most citations

Inferring Connected IoT Devices from IPFIX Records in Residential ISP Networks

Pashamokhtari

Okui

Miyake

et al. 2021

View full text Add to dashboard Cite

Residential ISPs today have limited device-level visibility into subscriber houses, primarily due to network address translation (NAT) technology. The continuous growth of "unmanaged" consumer IoT devices combined with the rise of work-from-home makes home networks attractive targets for cyber attacks. Volumetric attacks sourced from a distributed set of vulnerable IoT devices can impact ISPs by deteriorating the performance of their network, or even making them liable for being a carrier of malicious traffic. This paper explains how ISPs can employ IPFIX (IP Flow Information eXport), a flow-level telemetry protocol available on their network, to infer connected IoT devices and ensure their cyber health without making changes to home networks. Our contributions are threefold: (1) We analyze near three million IPFIX records of 26 IoT devices collected from a residential testbed over three months and identify 28 features, pertinent to their network activity and services, that characterize the network behavior of IoT devices -we release our IPFIX records as open data to the public;(2) We develop a multi-class classifier to infer the presence of certain IoT device types in a home network from NATed IPFIX records. We also develop a Trust metric to track network activity of detected devices over time; and, (3) We evaluate the efficacy of our inferencing method by applying the trained classifier to IPFIX traces which yields an average accuracy of 96% in detecting device types. By computing a temporal measure of trust per each device, we highlight (on our testbed) a permanent behavioral change in third of devices as well as some intermittent behavioral changes in others.

show abstract

Progressive Monitoring of IoT Networks Using SDN and Cost-Effective Traffic Signatures

Pashamokhtari

Gharakheili

Sivaraman

2020

View full text Add to dashboard Cite

The Internet has recently witnessed unprecedented growth of a class of connected assets called the Internet of Things (IoT). Due to relatively immature manufacturing processes and limited computing resources, IoTs have inadequate devicelevel security measures, exposing the Internet to various cyber risks. Therefore, network-level security has been considered a practical and scalable approach for securing IoTs, but this cannot be employed without discovering the connected devices and characterizing their behavior. Prior research leveraged predictable patterns in IoT network traffic to develop inference models. However, they fall short of expectations in addressing practical challenges, preventing them from being deployed in production settings. This thesis identifies four practical challenges and develops techniques to address them which can help secure businesses and protect user privacy against growing cyber threats.My first contribution balances prediction gains against computing costs of traffic features for IoT traffic classification and monitoring. I develop a method to find the best set of specialized models for multi-view classification that can reach an average accuracy of 99%, i.e., a similar accuracy compared to existing works but reducing the cost by a factor of 6. I develop a hierarchy of one-class models per asset class, each at certain granularity, to progressively monitor IoT traffic. My second contribution addresses the challenges of measurement costs and data quality. I develop an inference method that uses stochastic and deterministic modeling to predict IoT devices in home networks from opaque and coarse-grained IPFIX flow data. Evaluations show that false positive rates can be reduced by 75% compared to related work without significantly affecting true positives. My third contribution focuses on the challenge of concept drifts by analyzing over six million flow records collected from 12 real home networks. I develop several inference strategies and compare their performance under concept drift, particularly when labeled data is unavailable in the testing phase. Finally, my fourth contribution studies the resilience of machine learning models against adversarial attacks with a specific focus on decision tree-based models. I develop methods to quantify the vulnerability of a given decision tree-based model against data-driven adversarial attacks and refine vulnerable decision trees, making them robust against 92% of adversarial attacks. i List of PublicationsDuring the course of my Ph.D. candidature, a number of publications have been made based on the work presented here and are listed below for reference.

show abstract

PhD Forum Abstract: Dynamic Inference on IoT Network Traffic using Programmable Telemetry and Machine Learning

Pashamokhtari

2020

View full text Add to dashboard Cite

AdIoTack: Quantifying and refining resilience of decision tree ensemble inference models against adversarial volumetric attacks on IoT networks

Pashamokhtari¹,

Batista²,

Gharakheili³

2022

Computers & Security

View full text Add to dashboard Cite

PicP-MUD: Profiling Information Content of Payloads in MUD Flows for IoT Devices

Pashamokhtari

Sivanathan

Hamza

et al. 2022

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.