Detection of Unauthorized IoT Devices Using Machine Learning Techniques

Meidan, Yair; Bohadana, Michael; Shabtai, Asaf; Ochoa, Martin; Tippenhauer, Nils Ole; Guarnizo, Juan Davis; Elovici, Yuval

doi:10.48550/arxiv.1709.04647

Cited by 36 publications

(50 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They incorporate confidence thresholds and averaged decisions within a sliding window to identify known or unknown device types. Similar research is presented in [51] and [52]. In [53], the authors also present that network traffic, device types, and their operation states (boot, active, and idle) can be inferred simultaneously.…”

Section: A Device Type Identificationsupporting

confidence: 59%

See 1 more Smart Citation

Machine Learning for the Detection and Identification of Internet of Things (IoT) Devices: A Survey

Liu

Wang

et al. 2021

Preprint

View full text Add to dashboard Cite

The Internet of Things (IoT) is becoming an indispensable part of everyday life, enabling a variety of emerging services and applications. However, the presence of rogue IoT devices has exposed the IoT to untold risks with severe consequences. The first step in securing the IoT is detecting rogue IoT devices and identifying legitimate ones. Conventional approaches use cryptographic mechanisms to authenticate and verify legitimate devices' identities. However, cryptographic protocols are not available in many systems. Meanwhile, these methods are less effective when legitimate devices can be exploited or encryption keys are disclosed. Therefore, non-cryptographic IoT device identification and rogue device detection become efficient solutions to secure existing systems and will provide additional protection to systems with cryptographic protocols. Noncryptographic approaches require more effort and are not yet adequately investigated. In this paper, we provide a comprehensive survey on machine learning technologies for the identification of IoT devices along with the detection of compromised or falsified ones from the viewpoint of passive surveillance agents or network operators. We classify the IoT device identification and detection into four categories: device-specific pattern recognition, Deep Learning enabled device identification, unsupervised device identification, and abnormal device detection. Meanwhile, we discuss various ML-related enabling technologies for this purpose. These enabling technologies include learning algorithms, feature engineering on network traffic traces and wireless signals, continual learning, and abnormality detection.

show abstract

Section: A Device Type Identificationsupporting

confidence: 59%

“…They use one-versus-rest classifiers to identify commercial devices. In [51], The authors first provide a Random Forest classifier using TCP/IP stream features. They incorporate confidence thresholds and averaged decisions within a sliding window to identify known or unknown device types.…”

Section: A Device Type Identificationmentioning

confidence: 99%

Machine Learning for the Detection and Identification of Internet of Things (IoT) Devices: A Survey

Liu

Wang

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…The third scenario represents the DBFL approach with similar characteristics as the second scenario, but a heterogeneous feature space is used. We employ the IoT device type identification dataset proposed in [15] that has 9 different types of IoT devices. The reason for the selection of the said dataset is two-fold.…”

Section: Generalized Homogeneity Using Dbfl Frameworkmentioning

confidence: 99%

Towards Energy Efficient Distributed Federated Learning for 6G Networks

Khowaja,

Dev,

Khuwaja

et al. 2022

Preprint

View full text Add to dashboard Cite

The provision of communication services via portable and mobile devices, such as aerial base stations, is a crucial concept to be realized in 5G/6G networks. Conventionally, IoT/edge devices need to transmit the data directly to the base station for training the model using machine learning techniques. The data transmission introduces privacy issues that might lead to security concerns and monetary losses. Recently, Federated learning was proposed to partially solve privacy issues via modelsharing with base station. However, the centralized nature of federated learning only allow the devices within the vicinity of base stations to share the trained models. Furthermore, the long-range communication compels the devices to increase transmission power, which raises the energy efficiency concerns. In this work, we propose distributed federated learning (DBFL) framework that overcomes the connectivity and energy efficiency issues for distant devices. The DBFL framework is compatible with mobile edge computing architecture that connects the devices in a distributed manner using clustering protocols. Experimental results show that the framework increases the classification performance by 7.4% in comparison to conventional federated learning while reducing the energy consumption.

show abstract

“…Meidan et al used IoT traffic data to detect and white list IoT devices connected to the current network [8]. They used selected features from TCP sessions information to train their machine learning model.…”

Section: Related Workmentioning

confidence: 99%

Network Traffic Characteristics of IoT Devices in Smart Homes

Mainuddin,

Duan,

Dong

2021

Preprint

View full text Add to dashboard Cite

Understanding network traffic characteristics of IoT devices plays a critical role in improving both the performance and security of IoT devices, including IoT device identification, classification, and anomaly detection. Although a number of existing research efforts have developed machine-learning based algorithms to help address the challenges in improving the security of IoT devices, none of them have provided detailed studies on the network traffic characteristics of IoT devices. In this paper we collect and analyze the network traffic generated in a typical smart homes environment consisting of a set of common IoT (and non-IoT) devices. We analyze the network traffic characteristics of IoT devices from three complementary aspects: remote network servers and port numbers that IoT devices connect to, flow-level traffic characteristics such as flow duration, and packet-level traffic characteristics such as packet inter-arrival time. Our study provides critical insights into the operational and behavioral characteristics of IoT devices, which can help develop more effective security and performance algorithms for IoT devices.

show abstract

Detection of Unauthorized IoT Devices Using Machine Learning Techniques

Cited by 36 publications

References 18 publications

Machine Learning for the Detection and Identification of Internet of Things (IoT) Devices: A Survey

Machine Learning for the Detection and Identification of Internet of Things (IoT) Devices: A Survey

Towards Energy Efficient Distributed Federated Learning for 6G Networks

Network Traffic Characteristics of IoT Devices in Smart Homes

Contact Info

Product

Resources

About