IoT device fingerprinting for relieving pressure in the access control

Song, Yubo; Huang, Qiang; Yang, Junjie; Fan, Ming; Hu, Aiqun; Jiang, Yu

doi:10.1145/3321408.3326671

Cited by 43 publications

(21 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For a new data packet from the STA, the framework first extracts the CSI fingerprint C D from the packet and then normalizes it using equation (5). The normalized CSI fingerprint S D is sent to the local authenticator, and the authentication algorithm is shown in Algorithm 2, where v is the input of θ 0 , S ðiÞ D ′ is the output of θ i and w ′ is the output of θ 0 .…”

Section: Packet-level Authenticationmentioning

confidence: 99%

“…Attackers can obtain the identity information of a valid device through wireless sniffing and then use this information to disguise themselves as legitimate devices [2,3]. Attackers can steal confidential data or attack the internal websites after getting authorization [4,5], or they can control other devices by sending spurious instructions [6]. Due to the widespread use of Wi-Fi networks in a range of critical services such as financial transactions and business management, attackers based on the identity of Wi-Fi networks can cause damage to public and private property and disrupt social order.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Enhancing Packet‐Level Wi‐Fi Device Authentication Protocol Leveraging Channel State Information

Song

Chen

et al. 2021

Wireless Communications and Mobile Computing

Self Cite

View full text Add to dashboard Cite

Wi-Fi device authentication is crucial for defending against impersonation attacks and information forgery attacks. Most of the existing authentication technologies rely on complex cryptographic algorithms. However, they cannot be supported well on the devices with limited hardware resources. A fine-grained device authentication technology based on channel state information (CSI) provides a noncryptographic method, which uses the CSI fingerprints for authentication since CSI can uniquely identify the devices. But long-term authentication based on CSI fingerprints is a challenging work. First, the CSI fingerprints are environment-sensitive, which means that the local authenticator should be updated to adapt to the changing channel state. Second, the local authenticator trained with old CSI fingerprints is outdated when users reconnect to the network after being offline for a long time, thus, it needs to be retrained in the access phase with new fingerprints. To tackle these challenges, we propose a CSI-based enhancing Wi-Fi device authentication protocol and an authentication framework. The protocol helps to collect new CSI fingerprints for authenticator’s training in access phase and performs the fingerprints’ dispersion analysis for authentication. In the association phase, it provides packet-level authentication and updates the authenticator with valid CSI fingerprints. The authenticator consists of an ensemble of small-scale autoencoders, which has high enough time efficiency for packet-level authentication and authenticator’s update. Experiments show that the accuracy of the framework is up to 98.7%, and the authenticator updating method can help the framework maintains high accuracy.

show abstract

Section: Packet-level Authenticationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Enhancing Packet‐Level Wi‐Fi Device Authentication Protocol Leveraging Channel State Information

Song

Chen

et al. 2021

Wireless Communications and Mobile Computing

Self Cite

View full text Add to dashboard Cite

show abstract

“…Fingerprinting techniques [5], [6], [19], [24]- [26], [30], [31], [33] have been proposed to identify compromised or newly connected IoT devices in a network. In [25], IoT devices are identified using signatures constructed with 23 features (e.g., packet size, source port) extracted from the network traffic flows and vulnerable devices are isolated thanks to a Software-Defined Networking mitigation solution.…”

Section: Related Workmentioning

confidence: 99%

“…In [25], IoT devices are identified using signatures constructed with 23 features (e.g., packet size, source port) extracted from the network traffic flows and vulnerable devices are isolated thanks to a Software-Defined Networking mitigation solution. Similarly in [30], the authors construct signatures from features and statistics (e.g., protocols present, average ip header and payload length) also extracted from the network flows and used a multi-classification algorithm based on a support vector machine. In [5], the authors propose behavioral features which are less impacted by header spoofing by concatenating a feature set over a sequence of packets.…”

Section: Related Workmentioning

confidence: 99%

Inferring Software Composition and Credentials of Embedded Devices from Partial Knowledge

Junges

François

Festor

2021

2021 17th International Conference on Network and Service Management (CNSM)

View full text Add to dashboard Cite

Internet-of-Things (IoT) devices or more generally embedded devices are nowadays commonly deployed in public, personal or work spaces despite suffering from security issues often related to their bad design and/or configuration. For instance, IoT botnets such as Mirai successfully compromised thousands of devices using a bruteforce method on a set of known credentials. Although brute-force attacks against a particular service (e.g. SSH, telnet) generate many packets which can be easily detected and mitigated, attackers can easily rely on TCP scans to assess the services present on a device while maintaining a high level of stealthiness. In this paper, we present a method to reconstruct precise information about an IoT device configuration (brand name, usernames, passwords, software components) from partial knowledge such as open ports revealed by a TCP scan. It relies on constituting a knowledge base from a large dataset of publicly accessible firmware serving as training multiple Random Forest (RF) classifiers. Using a dataset of 6935 embedded devices, the HTTP, SSH or DNS software names can be predicted with a precision higher than 80% with a limited knowledge. The correct HTTP, SSH or DNS versions can be inferred in more than 95% of cases after 1.4 trials on average. Similarly, our technique also predicts the password of at least one valid user in more than 97% of the cases after 1.15 trials on average.

show abstract

“…Behavior modeling collects, processes, profiles, and models the patterns of behavior data. Specific behavior modeling methods were applied to various IoT management tasks, including device identification [21] and intrusion detection [22], and access control [23]. Most of the existing work on the analysis of IoT devices' behavior are inadequate to model the complex behavior of heterogeneous IoT devices from the resource demand perspective.…”

Section: Related Workmentioning

confidence: 99%

BEHAVE: Behavior-Aware, Intelligent and Fair Resource Management for Heterogeneous Edge-IoT Systems

AlQerm

Wang

Pan

et al. 2021

Preprint

View full text Add to dashboard Cite

Edge computing is an emerging solution to support the future Internet of Things (IoT) applications that are delay-sensitive, processing-intensive or that require closer intelligence. Machine intelligence and data-driven approaches are envisioned to build future Edge-IoT systems that satisfy IoT devices' demands for edge resources. However, significant challenges and technical barriers exist which complicate the resource management for such Edge-IoT systems. IoT devices running various applications can demonstrate a wide range of behaviors in the devices' resource demand that are extremely difficult to manage. In addition, the management of multidimensional resources fairly and efficiently by the edge in such a setting is a challenging task. In this paper, we develop a novel data-driven resource management framework named BEHAVE that intelligently and fairly allocates edge resources to heterogeneous IoT devices with consideration of their behavior of resource demand (BRD). BEHAVE aims to holistically address the management technical barriers by: 1) building an efficient scheme for modeling and assessment of the BRD of IoT devices based on their resource requests and resource usage; 2) expanding a new Rational, Fair, and Truthful Resource Allocation (RFTA) model that binds the devices' BRD and resource allocation to achieve fair allocation and encourage truthfulness in resource demand; and 3) developing an enhanced deep reinforcement learning (EDRL) scheme to achieve the RFTA goals. The evaluation results demonstrate BEHAVE's capability to analyze the IoT devices' BRD and adjust its resource management policy accordingly.

show abstract

IoT device fingerprinting for relieving pressure in the access control

Cited by 43 publications

References 21 publications

Enhancing Packet‐Level Wi‐Fi Device Authentication Protocol Leveraging Channel State Information

Enhancing Packet‐Level Wi‐Fi Device Authentication Protocol Leveraging Channel State Information

Inferring Software Composition and Credentials of Embedded Devices from Partial Knowledge

BEHAVE: Behavior-Aware, Intelligent and Fair Resource Management for Heterogeneous Edge-IoT Systems

Contact Info

Product

Resources

About