Position paper

The recent years have garnered huge attention towards the Internet of Things (IoT) because it enables its consumers to improve their lifestyles and professionally keep up with the technological advancements in the cyber-physical world. The IoT edge devices are heterogeneous in terms of the technology they are built on and the storage file formats used. These devices require highly secure modes of mutual authentication to authenticate each other before actually sending the data. Mutual authentication is a very important aspect of peer-to-peer communication. Secure session keys enable these resource-constrained devices to authenticate each other. After successful authentication, a device can be authorized and can be granted access to shared resources. The need for validating a device requesting data transfer to avoid data privacy breaches that may compromise confidentiality and integrity. Blockchain and artificial intelligence (AI) both are extensively being used as an integrated part of IoT networks for security enhancements. Blockchain provides a decentralized mechanism to store validated session keys that can be allotted to the network devices. Blockchain is also used to load balance the stressing edge devices during low battery levels. AI on the other hand provides better learning and adaptiveness towards IoT attacks. The integration of newer technologies in IoT key management yields enhanced security features. In this article, we systematically survey recent trending technologies from an IoT security point of view and discuss traditional key security mechanisms. This article delivers a comprehensive quality study for researchers on authentication and session keys, integrating IoT with blockchain and AI-based authentication in cybersecurity.

show abstract

A Survey of Smart Home IoT Device Classification Using Machine Learning-Based Network Traffic Analysis

Jmila

Blanc

Shahid

et al. 2022

IEEE Access

View full text Add to dashboard Cite

Smart home IoT devices lack proper security, raising safety and privacy concerns. One-sizefits-all network administration is ineffective because of the diverse QoS requirements of IoT devices. Device classification can improve IoT administration and security. It identifies vulnerable and rogue items and automates network administration by device type or function. Considering this, a promising research topic focusing on Machine Learning (ML)-based traffic analysis has emerged in order to demystify hidden patterns in IoT traffic and enable automatic device classification. This study analyzes these approaches to understand their potential and limitations. It starts by describing a generic workflow for IoT device classification. It then looks at the methods and solutions for each stage of the workflow. This mainly consists of i) an analysis of IoT traffic data acquisition methodologies and scenarios, as well as a classification of public datasets, ii) a literature evaluation of IoT traffic feature extraction, categorizing and comparing popular features, as well as describing open-source feature extraction tools, and iii) a comparison of ML approaches for IoT device classification and how they have been evaluated. The findings of the analysis are presented in taxonomies with statistics showing literature trends. This study also explores and suggests undiscovered or understudied research directions. 15 16 and network management policies based on the type of 48 device, each automatically classified device can be assigned 49 to a class with predetermined policies. 50 Note that the term device classification is often confused 51 with many similar tasks, namely i) traffic classification, 52 ii) intrusion detection, iii) device identification, and iv) device 53 fingerprinting. Traffic classification is a broad research field 54 that involves classifying network traffic based on various 55 parameters [5] (see Fig. 1). For instance, traffic can be classi-56 fied as either legitimate or malicious based on attack patterns: 57 this is called intrusion detection. It can also be classified by 58 the device that generates the traffic (device classification). 59 The devices can be categorized into groups of similar devices, 60 such as devices for energy management or devices for health 61 monitoring, or according to their function, such as cameras, 62 hubs, home assistants, etc. Device identification classifies 63 devices more finely according to their model or constructor, 64 such as D-link camera, Nest camera, Alexa home assistant, 65 or Google home mini assistant, etc. Device fingerprinting is 66 the finest level of device classification. It gives each device 67 instance (e.g., camera A and camera B are two instances of 68 the Nest Camera) a distinct fingerprint that is ''impossible to 69 forge and independent of environmental changes and mobil-70 ity'' [6]. In this study, we focus on device classification as 71 a specific case of traffic classification, broader than device 72 identification and device fingerprinting.73 A simple ...

show abstract

Position paper

Cited by 16 publications

References 40 publications

Data Protection and Security Enhancement in Cyber-Physical Systems Using AI and Blockchain

Data Protection and Security Enhancement in Cyber-Physical Systems Using AI and Blockchain

Cyber-physical security for IoT networks: a comprehensive review on traditional, blockchain and artificial intelligence based key-security

A Survey of Smart Home IoT Device Classification Using Machine Learning-Based Network Traffic Analysis

Contact Info

Product

Resources

About