IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT

Miettinen, Markus; Marchal, Samuel; Hafeez, Ibbad; Asokan, N.; Sadeghi, Ahmad‐Reza; Tarkoma, Sasu

doi:10.1109/icdcs.2017.283

Cited by 393 publications

(403 citation statements)

References 25 publications

Supporting

Mentioning

400

Contrasting

Unclassified

Order By: Relevance

“…The device type for their work is the enumeration of a specific device. Work in [8] is, however, limited to the formulation of a method to identify a given device, and does not provide a metric to determine how vulnerable a device is. Network attacks are modeled using attack graphs in [9].…”

Section: Related Workmentioning

confidence: 99%

How Secure Is Your IoT Network?

Payne

Budhraja

Kundu

2019

2019 IEEE International Congress on Internet of Things (ICIOT)

View full text Add to dashboard Cite

The proliferation of IoT devices in smart homes, hospitals, and enterprise networks is widespread and continuing to increase in a superlinear manner. With this unprecedented growth, how can one assess the security of an IoT network holistically? In this article, we explore two dimensions of security assessment, using vulnerability information of IoT devices and their underlying components (compositional security scores) and SIEM logs captured from the communications and operations of such devices in a network (dynamic activity metrics) to propose the notion of an attack circuit. These measures are used to evaluate the security of IoT devices and the overall IoT network, demonstrating the effectiveness of attack circuits as practical tools for computing security metrics (exploitability, impact, and risk to confidentiality, integrity, and availability) of heterogeneous networks. We propose methods for generating attack circuits with input/output pairs constructed from CVEs using natural language processing (NLP) and with weights computed using standard security scoring procedures, as well as efficient optimization methods for evaluating attack circuits. Our system provides insight into possible attack paths an adversary may utilize based on their exploitability, impact, or overall risk. We have performed experiments on IoT networks to demonstrate the efficacy of the proposed techniques. in 2010. His work has led to over 120 patents filed with over 100 patents granted, and over 40 research papers. He was recognized with the prestigious CERIAS Diamond Award for his outstanding contribution to cybersecurity research during his Ph.D. He is an IEEE Senior Member.

show abstract

Section: Related Workmentioning

confidence: 99%

How Secure Is Your IoT Network?

Payne

Budhraja

Kundu

2019

2019 IEEE International Congress on Internet of Things (ICIOT)

View full text Add to dashboard Cite

show abstract

“…The IoT SENTINEL proposed in [14] is designed to probe the WiFi and Ethernet traffic flows in an IoT network. The connected devices are identified by their MAC address.…”

Section: Related Workmentioning

confidence: 99%

Toward an Intrusion Detection Approach for IoT Based on Radio Communications Profiling

Roux

Alata

Auriol

et al. 2017

2017 13th European Dependable Computing Conference (EDCC)

View full text Add to dashboard Cite

Abstract-Nowadays, more and more Internet-of-Things (IoT) smart products, interconnected through various wireless communication technologies (Wifi, Bluetooth, Zigbee, Z-wave, etc.) are integrated in daily life, especially in homes, factories, cities, etc. Such IoT technologies have become very attractive with a large variety of new services offered to improve the quality of life of the endusers or to create new economic markets.However, the security of such connected objects is a real concern due to weak or flawed security designs, configuration errors or imperfect maintenance. Moreover, the vulnerabilities discovered in IoT products are often difficult to eliminate because, most of the time, they cannot be patched easily. Therefore, protection mechanisms are needed to mitigate the potential risks induced by such objects in private and public connected areas.In this paper, we propose a novel approach to detect potential attacks in smart places (e.g. smart homes) by detecting deviations from legitimate communication behavior, in particular at the physical layer. The proposed solution is based on the profiling and monitoring of the Radio Signal Strenght Indication (RSSI) associated to the wireless transmissions of the connected objects. A machine learning neural network algorithm is used to characterize legitimate communications and to identify suspiscious scenarios. We show the feasibility of this approach and discuss some possible application cases.

show abstract

“…intrusion detection [12], the identification of Android applications usage [2], IoT devices [7] or web crawlers [4]. Most proposals focus though on modeling communications made by a single host [5], [6], [13] i.e.…”

Section: Related Workmentioning

confidence: 99%

Profiling Users by Modeling Web Transactions

Tomsu¹,

Marchal²,

Asokan³

2017

2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS)

Self Cite

View full text Add to dashboard Cite

Abstract-Users of electronic devices, e.g., laptop, smartphone, etc. have characteristic behaviors while surfing the Web. Profiling this behavior can help identify the person using a given device. In this paper, we introduce a technique to profile users based on their web transactions. We compute several features extracted from a sequence of web transactions and use them with oneclass classification techniques to profile a user. We assess the efficacy and speed of our method at differentiating 25 synthetic users on a benchmark dataset (from a major security vendor) representing 6 months of web traffic monitoring from a small enterprise network.

show abstract

IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT

Cited by 393 publications

References 25 publications

How Secure Is Your IoT Network?

How Secure Is Your IoT Network?

Toward an Intrusion Detection Approach for IoT Based on Radio Communications Profiling

Profiling Users by Modeling Web Transactions

Contact Info

Product

Resources

About